Mikko Hyppönen, F-Secure thoughts on Twitter hack story
July 2020 by Mikko Hyppönen, Chief Research Officer at F-Secure
Comment below from Mikko Hyppönen, chief research officer at F-Secure, on the Twitter / Bitcoin scam story, as well as from two other experts from F-Secure.
This was the biggest security breach in Twitter’s history, but ordinary users were not affected by it at all – unless they fell for the scams posted by the hacked celebrities.
The way this hack was done also means that there’s nothing any users could have done to prevent it from happening. Regardless, it’s always a good idea to lock down our accounts: use strong, unique passwords via a password manager; enable two-factor authentication; use a unique email address for important accounts. And remember to monitor your account for weird activity. You should pay attention especially if you get an email about unusual access, attempts to change your email address or disable two-factor authentication, or just if you see repeated failed logins.
In the end, this could have been much worse. Twitter is big and important people have large amounts of followers there - but even Snapchat and Reddit have more users than Twitter. The real gorillas in social media are Instagram, YouTube and Facebook.
And the attack could have done far worse things than try to scam Bitcoins out of people; the attackers had access to everything. They could have done anything on Twitter. They could have started tweeting weird things in the names of the U.S. Presidential candidates during the voting this November, for example.