Twitter Data Breach & How We Can Learn From It

17th January 2023

Last week Twitter was hacked in a data breach, resulting in approximately 200 million email addresses being leaked. In this blog, we are looking at what we can learn from this and how we can start to improve security in our businesses, along with a little help from Astaris…

What and how has this happened? 

On the 5th of January this year hackers managed to steal 200 million email addresses from Twitter’s online database, and have posted them online since. This is arguably one of the biggest data leaks in social media history and will now result in a lot of phishing, doxxing, and hacking. This means it is important to take action quickly to prevent your personal or corporate data from being put at any additional risk.

There is no current information on where the hacker is or who is responsible for the data breach, but it isn’t impossible that the attack was actually conducted in 2021, and claims of an estimated 400 million email addresses and phone numbers were speculated back in early December 2022.

How can you protect your personal and corporate information?

There are a few immediate actions we recommend you take, particularly if your Twitter account is representative of your business/company as it could be at risk of being hijacked.

Passwords – We have said it many times before but having a strong password is essential (we also recommend changing your passwords every now and then for good measure). A strong password includes at least 12 characters, one number, one special character, and one symbol. This makes it virtually unbreakable and will take approximately 34,000 computer years to crack.

It is also recommended to have a different or different variation of password for each account, this means if one account is breached, the others are still safe and secure.

Two-Factor Authentication – Two-factor authentication means even if worst-case scenario, cyber hackers do manage to get your account details it will have to be verified it’s you from your device to actually be able to log in. This can be done using an email address, SMS, phone call, and apps such as ‘Authenticator’. If you’d like help setting up two-factor authentication for any of your social media accounts please get in touch with our team here.

Additional security protocol – There are additional steps you can take that go beyond protecting your accounts initially. Security starts with things like your social and email accounts and ends with the nitty gritty stuff like your company’s data files… and you don’t want to end up with issues there!

Security measures such as spam and ransomware protection to protect your email inbox, data back-up, content filtering software and more ensure even if one area of your network is a victim of a cyber attack, your network as a whole is still protected.

What the experts are saying…

Cybersecurity experts have spoken out and given their opinion on the current situation, let’s discuss their take.

Cyber experts are stating that when faced with a situation where your data has been compromised, the best initial reaction is to not pay the ransom. It encourages cybercriminals and hackers to continue to conduct these types of attacks and there is no guarantee you will get your data back once it has been paid.

The advice in regard to prevention still stays the same, installing antivirus software on your devices is one of the best methods of protection against malicious attacks. The same goes for protecting your email is spam and ransomware protection, in simple terms it filters through the malicious content, attachments, and links and stops them from ending up in your inbox, significantly decreasing the likelihood of phishing.

What can we learn from this?

As always it’s better to put a preventative solution in place rather than try and deal with any type of data breach. Security is often an aspect of an IT network that gets forgotten about and the results of a breach can result in huge loss of company time and money, GDPR breach fines, damaged reputation, and more.

If you’d like advice on how to improve the security of your business, feel free to get in touch with our team.