recommended reading

Threatwatch

Hacker Claims Trump’s Twitter Account Has Weak Security

Password cracking; Stolen credentials; Social Media Takeover

The president, vice president and the first lady need to select tougher security standards for their Twitter accounts, according to a hacker.

WauchulaGhost, who previously hacked into hundreds of Twitter accounts that supported the Islamic State group, tweeted the @POTUS, @FLOTUS and other White House officials’ Twitter accounts aren’t using the more advanced security features available. A simple password reset displays a partial email address to anyone curious enough to attempt it.

“It’s not hard for us to go figure out that email,” WauchulaGhost told CNN.

That email address is key to taking over a Twitter account (and many other accounts). An attacker first gains access to that email account, and then can simply reset a Twitter password to take control of it.

WauchulaGhost recommended selecting the Twitter settings that require users to verify phone numbers or emails before resetting a password. The White House Communications Agency, which manages accounts like the president’s, has protocols beyond two-factor authentication, a Twitter spokesperson told CNN.

sector

Government (U.S.); Social Media

reported

January 24, 2017

reported by

CNN

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown