Yikes, strongest hypothesis is that the attackers have owned Twitter’s employee admin panel, which allows Twitter employees the ability to change pw/disable MFA, to allow an attacker to take over a prominent account and tweet on their behalf without dealing with their password or MFA.

If that is the case, I’m hoping companies all over the world learn from this example: attackers can’t leverage these tools if your employees don’t have back-end access to make these account changes. Reduce admin privileges now.