1) More and more reports are emerging of Twitter's security vulnerabilities since @elonmusk's takeover of the social media platform a few weeks ago, as well as efforts to hack the accounts of certified journalists. In this thread, I will survey how unsafe Twitter has become. 
2) Since @elonmusk's acquisition of Twitter, much of the public's attention has been focused on his mercurial decisions and the increasing lack of content moderation — both legitimate concerns. But security vulnerabilities and breaches are not getting the attention they deserve.
3) As @elonmusk gives priority to the release of his so-called Twitter Files, nefarious actors are working behind the scenes to take advantage of the fact that the social media platform has lost two-thirds of its employees so they can exploit vulnerabilities in its software.
4) In a major breach, Bleeping Computer reports 5.4 million Twitter records were leaked on a hacking forum on Nov. 24, containing private email addresses or phone numbers, as well as publicly scraped data like an account's Twitter ID, name, verified status, location and URL.
5) "While it is concerning that threat actors released the 5.4 million records for free, an even larger data dump was allegedly created using the same vulnerability," writes Lawrence Abrams of Bleeping Computer. That dump potentially contains tens of millions of Twitter records.
6) "The immediate issues here will be leaked private numbers, which may lead to risks to victims of stalking or those voicing unpopular opinions, as well as, of course, for celebrities," Martin Jartelius, chief security officer at Outpost24, told Forbes on Nov. 29.
7) Which brings me back to my own experience. My Twitter account was hacked 5 days ago, but I succeeded in regaining control of it after repeatedly contacting #TwitterSupport. As you know, Twitter staff was decimated following mass layoffs by @elonmusk.
https://twitter.com/a_derfelGazette/status/1601600823565635584https://twitter.com/a_derfelGazette/status/1601600823565635584
8) Sadly, I can report that the Twitter account of my @mtlgazette colleague Bill Brownstein (@billbrownstein) was hacked but has since been restored. It was temporarily taken over by an imposter claiming to be a "Community Support Employee For @Twitter." This is patently false.
9) As I noted yesterday, the Twitter account of CBC reporter @HannahThibedeau was hacked temporarily, too. Like Brownstein, the phisher stole her certified blue check-mark in an attempt to dupe other Twitter users.
10) Since @elonmusk took over Twitter, he's made his contempt known for any reporter who dares question his controversial decisions or policies. Result? Journalists are now fair game for hackers on Twitter, and #TwitterSupport appears to be doing nothing.
https://twitter.com/marynmck/status/1601984940500983811
ADDENDUM: One final point: If major security breaches and hacks were to proliferate, potentially resulting in real harm and should Twitter do little to respond, it's likely that @elonmusk and the company could be exposed to civil litigation and possible class actions over this.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
