Twitter AP Account Whitehouse Hack Leads To Two-Factor Security

Apr 24, 2013 • 8:02 am | comments (2) by twitter Google+ | Filed Under Social Search Engines & Optimization
 

I am sure you all know that at around noon yesterday, the Associated Press had their Twitter account hacked by Syrian hackers. The hack was easy but significant, in that they tweeted that there were explosions at the White House and Barack Obama was injured. It caused the market to tank in a three minute period until the AP was able to communicate that it was not real and someone hacked and posted the fake story.

Here is the tweet via CNN:

AP Twitter Hack

Here is how the market reacted in a 3 minute period tanking and then recovering:

DJI Twitter HAck Reaction

Clearly this shows how important Twitter is to the markets. You know, Bloomberg added Twitter to their stock dashboards for traders months ago.

So Twitter says they will be adding two-factor authentication to make these hack attempts almost impossible. The thing is, can you see that working for news organizations that have dozens of people responsible for posting stories to their Twitter feed? Maybe?

Anyway, I know you probably know this news but I need to post it here just because I will likely need to reference back to it in the future.

Twitter has earned the respect of virtually everyone. As the moderator at WebmasterWorld said, "I don't think people would've given this tweet that much credibility if the situation in Boston hadn't just happened."

What do you think?

Forum discussion at WebmasterWorld.

Previous story: Daily Search Forum Recap: April 23, 2013
 

Comments:

ethalon

04/24/2013 12:38 pm

"So Twitter says they will be adding two-factor authentication to make these hack attempts almost impossible. The thing is, can you see that working for news organizations that have dozens of people responsible for posting stories to their Twitter feed? Maybe?" I just assume there will now be a password phone sitting in the office...and maybe a secretary who forwards the one-time passwords to those interested in posting who are not in the office? I suspect it would be a real pain, but that's the only 'solution' my early-morning brain can think of.

Fedor

04/25/2013 02:34 pm

It's not a big pain. You can do 2-factor via a phone app/desktop app or fobs. Either way, people are careless and if someone wants to get your 2-factor, they can by taking your phone of fob. Then anything they post is more credible. It all depends on ones' determination.

blog comments powered by Disqus