The Associated Press, a multinational news agency based in New York City, experienced a Twitter hack earlier this week. Around 12:00 PM PST on Tuesday, April 23 hackers tweeted from @AP, “Breaking: Two Explosions in the White House and Barack Obama is injured.”
Being a highly regarded news source, the tweets immediately caused worry and outcry from their 1.8 million followers. The fake tweet was re-tweeted thousands of times in minutes and caused the Dow Jones Industrial Average to drop sharply before it quickly recovered. However, some onlookers were quick to call the tweet fake. The Associated Press is well-known for their strict following of AP style and the tweet announcing a “national crisis” did not follow the correct AP style formatting. Furthermore, other news sources had not published any information similar to Associated Press’ claims.
The tweet was quickly removed from the @AP feed and The Huffington Post posted a story Tuesday afternoon explaining that a hacker group named the Syrian Electronic Army gained access to the account after launching phishing attempts. Since, @AP has regained access to their account and has proceeded as normal.
While the matter was easily resolved, what does this hack say about Twitter’s security program? Just this year, major Twitter accounts including @Jeep and @BurgerKing were also hacked into (story here). It is obvious that Twitter must implement a stronger security program as soon as possible.
Twitter, here are suggestions from HOB to step up your security:
- Enable Two-Factor Authentication
Two Factor Authentication requires users to provide two pieces of information to verify their identity, such as a phone number or secondary e-mail address. Google and Facebook have already implemented this security measure to help keep their users’ accounts safe.
- Limit the number of log in attempts from a single IP address
Hackers are savvy at guessing passwords, but they won’t get it right the first time. If log-in attempts are limited, it gives hackers a slimmer chance of guessing your password and gaining access to your account.
- Alert users of suspicious activity
Many banking institutions alert users and require them to answer security questions when their account is accessed from a new device or IP address. Because Twitter users usually tweet from the same mobile device or computer, Twitter should implement another layer of security when an account is accessed from a unique device.
What are you thoughts on the @AP Twitter hack? Do you have any additional suggestions for Twitter’s security program? Please share in the comments below.
You must be registered in order to write comments. To register as a new user click here.
If you're already registered, please leave a comment here