A History of Misuse – Twitter Hack Just the Latest

It’s looking more and more like the Twitter Bitcoin scam was an inside job, or at least aided quite a bit by someone inside of Twitter who had access to do all of that.

But, the interesting part, to me, of this article is at the end. The list of previous issues at social networks of employee misuse of data:

In 2017, a Twitter worker briefly deleted President Donald Trump’s account before it was quickly reinstated.

Two former Twitter employees previously abused their access to spy on users for the Saudi regime, according to the Justice Department.

All tech companies face the issue of malicious insiders. Motherboard has previously revealed how Facebook employees used their privilege access to user data to stalk women; how Snapchat workers had a tool called Snaplion that provides information on users; and how MySpace employees abused a tool called “Overlord” to spy on users during the site’s hayday.

This is exactly the point I was making last year on the Nuix podcast, there’s always the risk of a bad actor. When you have that much data on your users, and someone in charge of keeping it all secure, there’s also a chance that person is going to be the bad actor. Here are a bunch of examples, in just one industry. And, those are only the ones we know about. How many others abused their access to user information and didn’t get caught? How many women have been stalked, people have been harassed, or had their supposedly private information shared inappropriately? By the people who are in charge of controlling access to it in the first place, on social networks, in law enforcement, commercial and banking organizations, etc.

Probably more than we want to admit.

So my challenge, to any entity that is gathering that much information in one place, is to ask yourself a simple question.Is the benefit of keeping all that data about people, or in this case, someone with access to take control of all of these accounts, really outweighing the risk of your own people misusing it, or getting phished and giving up access to it to others? Because eventually, someone will. And you’ll be left to clean up the mess.

Similar Posts

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.