Twitter CEO Jack Dorsey's account was hacked on Friday. Users suggest that he may have fallen prey to a vulnerability that the social network had previously been warned about.
On Friday his account tweeted a couple of racist posts. Twitter acknowledged that someone may have hacked into the account and announced that the account had been retrieved and that there was no cause for alarm.
The hack raised a pertinent question: how can users safeguard their accounts if the CEO of the company itself can fall victim? Details from the probe indicate that Dorsey was a victim of SIM swapping, an old practice in which a hacker illegally pays a mobile carrier employee to switch a phone number to the hacker’s device. Twitter notified users about the incident in a follow-up tweet on Friday night.
“The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorised person to compose and send tweets via text message from the phone number. That issue is now resolved.”
With this approach, someone can offer a bribe of a thousand dollars in exchange for a SIM swap. Once the hacker is in control of the phone number associated with your Twitter account, they can text any tweet to Twitter’s number, 40404, and the tweet will be published to your account. The hacker does not need to verify their identity or enter a password.
Twitter declined to comment on the possibility of making changes to its security practices following the CEO’s incident.
In this case, there is apparently no way to dodge a bullet from hackers if they were to use this feature. If you decide to shut down the ability to use text messages to send a tweet from your account, the way to do it is to permanently delete your phone number from Twitter. If you do this, you will automatically disable two-factor authentication on your account.
However, there are still some things you can do to stay safe.
How To Protect Your Account
The easiest way to stay safe from hackers is to always keep two-factor authentication on. This is an additional verification step that confirms your identity beyond your regular password before you are able to log in. However, this doesn’t completely protect you from the claws of hackers.
Another step is to use the Google Authenticator phone app, which generates the codes. A hacker would need to get hold of your phone before they could obtain the codes. You can also buy a separate piece of hardware that generates codes. A hacker would need to physically steal it to gain access to your account.
Until Twitter changes its security practices, those are the available options for you to safeguard your Twitter account.