The Leaked Twitter Papers Issue

The Problem

Confidential internal documents of Twitter Inc were stolen by a hacker last week. Techcrunch, considered to be a douchebag site by many, published some of those documents online.

What's scary is how shockingly simple the hacking was. A recent Twitter employee used the same password for many websites, like most of us do. She also used the same for her gmail account. The hacker managed to get access to that one password, which gave him access to her gmail account, which in turn gave him access to all the internal documents that were shared with her on Google docs. (That may not be exactly what happened, but it's pretty close).

Since this incident Twitter employees are now required to use 2 factor authentication and strong password policies.

The Solution

There are some other lessons to learn from this:

• Regularly check who has access to your shared online accounts. There maybe people you gave temporary access to, or interns who are no longer with the company.
• Change passwords regularly, use strong passwords, and use different passwords for different sites. My personal policy is to use different password for sensitive sites, like Google and FaceBook, and the same generic one for other sites, like trial accounts, etc.

Image by B Tal