Did too many Twitter employees have access to internal account management tools? That is the question raised by the Reuters revelation. According to the UK news agency, more than 1,000 people, both Twitter employees and Cognizant contractors, could access this interface, a figure dating from the beginning of 2020.
This interface is used to manage user accounts, for example to change their preferences or the contact email address. It is probably the system that was used to hack the hundred accounts last week, including those of Joe Biden, Bill Gates, Elon Musk and Kanye West. The hackers reportedly even accessed the private messages of about thirty of them.
Humans, the weakest link in security
Given the security systems deployed by large tech companies, the human factor is increasingly becoming the weak link in the chain. “Threats from insiders, especially lower paid outside support staff, are a constant concern for companies serving large numbers of users,” several cybersecurity experts told Reuters.
The more people can change key parameters, the more monitoring needs to be strengthened. Twitter should now review its internal processes for accessing this interface. At the same time, the company is looking for a new security manager.