Yesterday Twitter reported here and here that several (33 to be exact) Twitter accounts were hacked into. This is in addition to the current, but separate, Twitter phishing…otherwise known as “twishing“…exploit that is simulatenously going on.
Regarding the “hack” and use of the celebrities’ Twitter accounts, it brings up some important questions…
Was the hack the result of poor Twitter security, or poor Twitter security practices by the Twitter account owners?
- If a result of poor Twitter security, this is a classic example of technology being widely deployed and used without first establishing appropriate and effective security controls.
- If the “hack” the result of the Twitter account owners sharing their passwords, then shame on the Twitter users. Shouldn’t celebrities and government leaders set a good example and NOT share their accounts with anyone? To say that our highest leaders shouldn’t be bothered by following good security themselves is an old and tired argument, but in this technology-rich time it is no longer a good excuse…and actually never was. A technology-savvy president-elect should also be security-savvy and not share his electronic accounts! If leaders want someone to answer emails, txt msgs, and post blogs and Twitters on their behalf, then why not establish a separate representative account to do so? Save the pres’s personal accounts for his own private and exclusive use. Clueless stars and starlets are another matter and may be, for the most part, lost causes when it comes to security and privacy…
Tags: awareness and training, Barack Obama, Britney Spears, hacker, Information Security, IT compliance, IT training, policies and procedures, privacy training, risk management, security training, twitter