Twitter has temporarily disabled the ability to tweet via text messages, after it’s CEO Jack Dorsey’s account was hacked on 30th August due to an apparent vulnerability tied to this feature.
According to reports the hackers were able to access the accounts through SIM swapping. With this method, hackers convince phone carriers to assign a phone number to a new phone that they have control of. Hacked tweets were sent using the MMS company, Cloudhopper, by using texts to tweet. Twitter acquired this company back in 2010.
In a statement regarding the hack Twitter said ” The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved. “
Twitter also added, “We’ll reactivate this in markets that depend on SMS for reliable communication soon while we work on our longer-term strategy for this feature.”
We’re temporarily turning off the ability to Tweet via SMS, or text message, to protect people’s accounts.— Twitter Support (@TwitterSupport) 4 સપ્ટેમ્બર, 2019