Nov 24, 2019

Member of group that hacked Twitter CEO Jack Dorsey's account arrested

Photo: Burhaan Kinu/Hindustan Times via Getty Images

Motherboard reported Sunday that a former member of a hacker group notorious for taking over social media accounts was arrested earlier this month, citing law enforcement and members of the group.

Driving the news: According to Motherboard, authorities arrested a onetime member of "Chuckling Squad," a notorious group that, among other mischief, took over Twitter CEO Jack Dorsey's Twitter account in August. That hacker, an unnamed minor, had previously been kicked out of the group

How it works: Chuckling Squad is a prolific user of SIM swapping, a technique through which hackers cajole cellphone companies to transfer a victim's phone number to phones that the hacker controls. From there, SIM swappers can use their access to a supposedly secure phone number to reset account passwords or otherwise tamper with accounts.

The big picture: The lesson from groups like Chuckle Squad and others using this mode of account takeover is that for people who require the most security and attach cell numbers to their accounts, it's important to turn on whatever added protections a mobile provider has to prevent SIM swapping. Those often including adding a passcode to move the phone number or to only allow that service to be done in person. 

Go deeper: The rule-free world of federal officials' personal accounts

Go deeper

Twitter pauses plan to delete inactive accounts

Photo: Jakub Porzycki/NurPhoto via Getty Images

Twitter said Wednesday it was putting on hold a plan to delete inactive accounts amid concerns that accounts from deceased users would be swept up in the purge.

Why it matters: While it's great to see Twitter clearing out the accounts of living people who aren't using them, Twitter also represents an important record of those no longer here.

Go deeperArrowNov 27, 2019

Disney+ accounts hacked, likely due to password reuse


Photo: SOPA Images/Getty Images

Hacked Disney+ accounts showed up for sale on dark web criminal markets almost immediately after Disney's new streaming service went live, reported ZDNet.

The big picture: The hijacking of account credentials no doubt came as a shock to the affected users, who suddenly found their passwords changed and their accounts inaccessible. But it's a commonplace occurrence in a world where many users reuse passwords from one service to another.

Go deeperArrowNov 19, 2019

Twitter plans to purge inactive accounts

Photo: Omar Marques/SOPA Images/LightRocket via Getty Images

Twitter is warning its inactive users — those who haven't logged on in over six months — that their accounts will be deleted unless they sign in by Dec. 11, The Verge first reported Tuesday.

Why it matters, via Axios' Ina Fried: By deleting accounts, Twitter could hurt its overall metrics as well as the follower counts of individual users. Dormant user names could also become available to people who want to make more frequent use of the service.

Go deeperArrowNov 27, 2019