Twitter has been faced with some embarrassment today as it has been revealed that a handful of their celebrities users have had their accounts hacked. Louis Theroux, Eamonn Holmes and Saira Khan all had their accounts taken over by Insinia Security.
The security company, however, did not hack the accounts for malicious reasons but rather to highlight a security flaw within Twitter.
The firm indicated that they had breached the celebs accounts with a message that read, “This account has been temporarily hijacked by INSINIA SECURITY”.
Picture: Twitter / Louis Theroux
The company did, however, assure that the users did not lose access to their accounts but it was clear that they had full control of all Twitter functions.
This kind of breach leaves Twitter users open to having unwanted or fake information being posted under their name, leaving high profile names very vulnerable.
In a blog post, the security firm explained how it as our mobile number that leaves us vulnerable to hacking.
This account is now under the control of @InsiniaSRT. Luckily, this has been H4CK3D to highlight an important vulnerability. The user of this account has NOT lost access to it, no data compromised and is NOT under attack. See how it was done... https://t.co/RL7RscRxjH
— INSINIA SECURITY (@insiniasec) December 27, 2018
They wrote, “We understood the way that Twitter handles incoming texts from your number. If we can text from what appears to be your number then we can interact with, and fully control your Twitter account.”
They have advised twitter to rethink their two-factor authentication that users must have their mobile number for.
