UK Security firm ‘HACKS’ high-profile Twitter Accounts exposing security Flaw

Louis Theroux a Documentarian and Eamonn Holmes a TV Presenter and Radio host at Radio Host are among celebrities whose Twitter accounts were ‘hacked’ by a UK cyber security company exposing yet another security flaw on twitter. INSINIA a London based cyber security firm was able to post tweets on their behalf without logging in to their twitter account. Messages appeared on several celebrity and journalist accounts on with the words: “This account has been temporarily hijacked by INSINIA SECURITY.” Louis Theroux twitter Account

By remotely accessing accounts of Eamonn Holme s, Louis Theroux and other celebrities, the company has elaborated how easy it is to  bypass twitter security features and take control of a user account. According Insinia, the company was able to post tweets on the accounts of celebrities using mobile phone spoofing technology, in an attempt to expose a security flaw in the giant social network’s systems.

In a blog post, Insinia wrote, It recommends that as a method of security precaution,Twitter users needs to urgently remove their phone number from their accounts . “We’ve been warning about this for years,” Godfrey said, adding that the text messaging feature is not secure and should not be used to verify someone’s identity. He added that it could be misused by unauthorized users to spread fake news and end up destroying reputation of the real associated account users.

When asked whether the act was legal, The chief executive denied breaking the law and that the victims were fully aware of the act.

The company went ahead and assured the users that their data had not been compromised. ‘The user of this account has NOT lost access to it, no data compromised and is NOT under attack…’

A Twitter spokesperson claimed the issue had now been fixed: “We’ve resolved a bug that allowed certain accounts with a connected UK phone number to be targeted by SMS spoofing. We’ll continue to investigate any related reports to ensure our account security protocols are functioning as expected.”