Twitter has played down the significance of the Jeep and Burger King hacking by focussing on password security.
In a blog titled “Keeping our users safe” posted yesterday (19 February) Twitter’s director of information security Bob Lord, calls for all users, including brands, to make sure they adopt smarter passwords.
The move comes as questions have been raised over the site’s security following a number of malicious takeovers of brand accounts and an attack on Twitter’s own systems that saw more than 250,000 Twitter accounts accessed.
Jeep’s Twitter account was taken over yesterday (19 February) and used to claim it had been bought by rival Cadillac. Similarly, Burger King’s Twitter feed was taken over on Monday (18 February). Its branding was changed to feature McDonald’s as the account claimed Burger King had been bought by its rival.
It is thought that takeovers were the result of poor password controls by brands rather than attacks on Twitter’s system. There was speculation from other Twitter users that Burger King’s password ahead of its malicious takeover was “Whopper123”.
Lord encourages users to create passwords of more than 10 upper and lowercase characters including numbers and symbols and use different passwords for different sites.
He says: “This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked. For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”
Meanwhile, MTV has admitted it faked a similar takeover of its account a part of a marketing stunt telling TechCrunch “the hack was pre-planned in the spirit of corporate camaraderie with our sister network, BET [Black Entertainment Television]”.