The situation at the moment can be described as extremely uncertain at best and downright chaotic and potentially very dangerous at worst. In a short period of time, we have experienced events that have quickly called into question the security and privacy of the platform and the data stored on it - as well as the uncertainty as to whether Twitter will even still exist in the coming months or weeks.

A comment from Christopher Budd, threat research expert at Sophos

In view of this development, it is only prudent to carefully examine your own engagement on the platform and, above all, the personal information stored there and potentially take short-term measures to protect this data - because a possible complete crash of the platform also seems possible.

Five main areas of concern

There are currently five main areas of concern related to Twitter's security, privacy, and viability.

1. The massive, sudden, unplanned and unstructured loss of personnel.

First, attackers may be able to make greater use of Twitter as a platform to target users with spam, phishing, scams, and other attacks. Second, attackers can more easily compromise systems to collect and steal data.

2. Chaos and uncertainty around account verification and combating misinformation.

Conflating the existing verification process with the $8 "purchased hook," although since withdrawn, created the perfect storm of confusion and encouraged malicious activity. So within a few days it was almost impossible to distinguish legitimate accounts from parodic or even malicious impersonation accounts.

3. Twitter's willingness and ability to comply with legal security and privacy requirements.

The risks in this situation are simply unknown. We have not seen a situation where such a large and important platform may deviate so far from regulatory compliance so quickly. While regulators typically follow a very methodical process, the current situation could also involve very large, restrictive and sudden regulatory enforcement activities.

4. The financial viability of Twitter.

If Twitter were to fail as a company and go bankrupt, what would happen to the data and systems that store the data? Will it be sold in liquidation? Would funders, including Saudi Arabia and Qatar, be able to take ownership and control of the data and systems? Once again we are in uncharted territory and the answer is: we just don't know.

5. The current level of unpredictability appears to be continuing or even worsening.

Decisions are made with little planning and quickly reversed or changed with equally little planning. What Twitter is changes not just from day to day, but from hour to hour. This makes risk assessment almost impossible. It also creates an environment that is highly conducive to threat actors. The worst thing is that there is literally nothing to suggest that this situation will change positively.

Five steps to protect yourself and personal data.

With all these unknowns, the rule of thumb once again is to assume the worst when it comes to safety. This could mean that the platform suddenly disappears without warning and personal information of previous users ends up in the hands of unwanted people. Against this background, five steps are recommended to protect yourself and personal data.

1. Get your own copy of your Twitter information!

If Twitter becomes inaccessible due to government, creditor or other action, all of your information could be lost without warning. At this time, Twitter offers the ability to download personal information. However, it is reported that data requests often take days to respond, and given the deteriorating staffing situation and expected increased demand, you should take this step immediately.

2. Remove all personal and confidential information from Twitter!

One of the biggest risks is that personal or sensitive information you have stored on Twitter falls into the hands of cybercriminals. Accordingly, you should remove information such as date of birth, phone numbers, payment information, geographic location information, and other information that, alone or in combination with other information, could be dangerous to you, your family, or those you care about - including direct messages and Tweets. If you are thinking about deleting all tweets, likes, direct messages, and media, you should download copies first.

3. Secure access to your Twitter account.

The strained staffing situation may mean that Twitter is unable to combat account hijacking or help restore hijacked accounts to the same extent as before. It's always been important to secure access to your Twitter account, but it's even more important now. That's why you should definitely use a password that is only used on Twitter and multi-factor authentication. You should also disconnect any apps connected to your Twitter account - connecting accounts only when you need them - and disconnecting them when you're finished.

4. Secure your Twitter presence.

If you plan to stay active on Twitter, you should use protected tweets or even consider blocking your account. This allows you to control who can see and interact with your posts. If you don't plan on staying active on Twitter, you can even deactivate your account, but you shouldn't delete it. Deleting it allows you to share your account with other people, allowing strangers to impersonate you.

5. Change the way you use Twitter.

Fundamentally, you should change the way you approach Twitter, the people on the platform, and what they say. In other words, when in doubt, do not believe anyone they claim to be or say without taking steps to independently verify the identity and information. For example, if an account appears to represent a person or organization, look for another verifiable source for what it says, such as: B. an SSL-protected website whose digital certificate you can verify. Be particularly careful when validating Twitter accounts with other Twitter accounts: We have already seen several fake accounts that work to create the illusion of legitimacy by verifying each other.

Conclusion: No Time to Panic
The fact is that we have never faced a situation like this before, in which a website of such social, political and economic importance as Twitter has experienced such massive unraveling on so many levels so quickly. As a result, it is difficult to know exactly what will happen and what to do. What we in the world of information security can tell everyone is that this is not a time to panic, but rather it is a time to take quick and decisive action to address the very real possibility that some or even all of this worst-case scenario -Scenarios occur. So you should start ensuring the security of your Twitter data right now.

Christopher Budd from Sophos sheds light on the current situation on Twitter and why it is also critical from a security perspective. There was already a bad data leak before Musk took over! “If this happened under a fully staffed, mostly functioning Twitter, what do you think the reality is now”?

Related to the topic:
Twitter: General amnesty for blocked accounts
Tricks on Twitter?
Trump suddenly has old/new followers! Delete Twitter account


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )