In the wake of an incident in which multiple high-profile verified Twitter accounts were hacked using Twitter’s own internal tools, comes a Bloomberg report that claims Twitter has been warned about potential account violations in the past.
Former Twitter employees tell the publication CEO Jack Dorsey and the board of directors have been warned security concerns over users’ personal data since 2015.
Bloomberg says about 1,500 employees are directly responsible for internal account management, providing them access to email addresses and phone numbers of millions of Twitter users.
While the workers do not have direct access to the accounts, they can use the personal data to snoop or hack into Twitter accounts, says a former Twitter employee.
A group of workers would create false support tickets to spy on celebrity accounts, including Beyoncé. Using support tickets, Twitter employees can check things like the IP address being used and the approximate location of the accounts.
Some of the Twitter contractors who were caught spying accounts were employed by Cognizant Technology Solutions, but have now been fired. However, the report’s sources say there are other employees who still snoop on those profiles.
In the recent attack which saw 130 accounts hacked, Twitter confirmed that the hackers were aided by employees with access to an internal control panel.
Hackers used the compromised accounts to post tweets saying that if followers sent $1,000 Bitcoin to a certain wallet address then they would receive double the amount in return. Many users fell for the scam, earning the hackers over $100,000 in the space of two hours. The company is now under pressure from users to improve the security of its data.
However, former security employees claim that Twitter does not make security improvements a priority, instead prioritizing consumer products and features, a source of tension for many businesses.
The full story is available on Bloomberg’s website.