Twitter is disputing the account of a security researcher in the Netherlands who claimed he accessed President Trump’s Twitter account — simply by guessing that the password was “maga2020!”
“We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today,” a Twitter spokesman said in a statement to Variety.
According to a report by Netherlands-based RTL News, Victor Gevers, a security researcher who chairs the Dutch Institute for Vulnerability Disclosure, successfully accessed Trump’s Twitter account on Oct. 16. The story included a screenshot purportedly taken by Gevers showing his access of @realDonaldTrump’s settings.
Gevers — an “ethical hacker” — did not tweet private messages from Trump’s account but allegedly could have, per the RTL News account.
The Twitter rep said the company “proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government.” That included “strongly” encouraging such accounts to enable two-factor authentication to protect them from unauthorized logins.
Trump’s Twitter account has received “extra protections” in the wake of “past incidents,” the New York Times reported this summer. That was seemingly reference to the brief deactivation of Trump’s handle in November 2017 by a Twitter contract worker (who later claimed he had disabled the president’s account by mistake). The @realDonaldTrump account was not among those compromised in a large-scale attack in July by cyberscammers that targeted 130 high-profile Twitter users.
According to Gevers, Trump’s account did not include two-factor security; Twitter’s two-factor authentication login settings sends a six-digit code to a user’s phone number that is required to log in to the service in addition to username and password. The researcher told TechCrunch that he guessed the president’s account password, allegedly “maga2020!”, on the fifth attempt. Per the report, Gevers contacted the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to alert them to the issue.
Gevers claims he previously broke into Trump’s Twitter account in 2016, by using the password “yourefired,” which was culled from a security breach at LinkedIn in 2012.
The White House and the Trump campaign have not commented on the reported unauthorized access of Trump’s Twitter account.
Meanwhile, Trump — an avid Twitter power user who sometimes posts dozens of times on the social network — is upset by Twitter’s recent actions to fact-check and block his tweets.
Source: Read Full Article