Infosecurity

Hacker infiltrates Obama's Twitter account

By Robin Hicks | 6 May 2009

A hacker has claimed to have broken into the internal administration system of the popular social networking site Twitter, giving him access to the accounts of millions of users - including Barack Obama and Britney Spears.

View photos

Related Categories

• INFOSECURITY

From this Section

• NEWS

The French hacker - known as ‘Hacker Croll’ - has said that by stealing a password from a Twitter staffer and by resetting the employee’s Yahoo password after guessing his ‘secret question’, the hacker got access to the staffer’s login details.

Among the private information accessible to the hacker was the email addresses of compromised accounts, mobile phone numbers, and the list of accounts blocked by the affected user.

“This is just the latest in a string of security issues at Twitter in recent months, and the web site is surely in danger of losing the confidence of its users who will be rattled by yet another breach,” said Graham Cluley, senior technology consultant at infosecurity firm Sophos.

“Just like with the recent Twitter worm outbreaks, this is not so much a case of Twitter raising awareness among its many users about sensible online security, but learning a few lessons itself. Careless security by the micro-blogging site could potentially put millions of Twitter users at risk.”

Sophos advises that Twitter’s internal security could be improved if staff were forced to log-in using authentication tokens that provide a randomly generated key upon login, meaning that even if a staffer’s username and password is compromised hackers would not be able to gain access.