Twitter’s Own CFO Just Had His Twitter Account Hijacked

Twitter has a bit of a security problem. Taylor Swift, Chipotle, Newsweek — it seems each day brings another hijacked account or two.

Today’s latest slip-up: Twitter’s own CFO, Anthony Noto.

For about 20 minutes this morning, Noto’s account was blasting out a massive torrent of spam.

It looks like the account was hijacked somewhere around 11:10 a.m. PT and recovered by 11:30. In that stretch, nearly 300 spam tweets were sent to some of Noto’s 13,000 followers.

Twitter has yet to comment on how the account might have been taken over. Given that it was used for spam rather than a political message, it’s possible that this wasn’t a targeted attack, instead relying on something like an old, forgotten API key left behind on a leaky third-party service.

It’s perhaps a bit revealing, though; if the company can’t keep the account of one of its own top executives locked down, what about its other 288 million active users?

Note: URLs were obscured in the screenshot above to blur links to potentially malicious sites.