The firm hasn’t offered an in depth rationalization for what occurred, however Jack Dorsey’s account fell sufferer to a “security oversight” at his provider that permit individuals ship tweets via textual content via his cellphone quantity. It’s not clear if that is the results of SIM hijacking, a spoofing try or one thing related.
Whatever the trigger, it is a drastic step. SMS-based tweeting has been a core component of Twitter for the reason that very starting, and it has been out there lengthy for the reason that majority of individuals switched to posting from apps and web sites. Not that Twitter essentially had a lot selection. Attackers are keen to take advantage of this lapse in safety, and there is not any fast repair — this no less than buys the corporate a while.
We’re taking this step due to vulnerabilities that have to be addressed by cell carriers and our reliance on having a linked cellphone quantity for two-factor authentication (we’re engaged on bettering this).
— Twitter Support (@TwitterSupport) September 4, 2019