Trump and his staff vulnerable due to bad Twitter security settings

Trump vulnerable on Twitter

Trump has only in a few days as the President of the United State (“POTUS”) changed the political landscape in the world. He has moved the political debate from hotlines and secured meeting rooms to social media, and during the last week we’ve seen him debating who will pay for the famous wall with Mexico’s president Enrique Peña Nieto – on Twitter.

Although this of course opens up the political discussion to the public, offering a transparency that we’ve never experienced before, it also opens up to new threats such as hacker attacks.

A hacker known as ‘WauchulaGhost’ told CNN that the President, the Vice President and the First Lady were all likely targets to attacks due them neglecting to activate higher security setting in Twitter.

The threat is basically due to Trump and his staff neglecting to activate a privacy setting on Twitter that would require a users to provide a phone number or an email address when resetting a password. Without these secuirty settings activated, anyone can abuse the ‘Forgot Password’ feature to get information associated with the email accounts associated with the Twitter account.  Until only recently, when attempting to reset the password for either of the @POTUS, @VP and @FLOTUS accounts, Twitter would take you to a page that reads expose parts of your email addresses linked to the Twitter profile in question. After the hacker in question – ‘WauchulaGhost’ – tweeted about the issue, some corrections have been made by the White House representatives.



The fact that the emails used for the accounts @POTUS and @FLOTUS are Gmail accounts makes them even more vulnerable to attacks.

Since WauchulaGhost’s tweet, Vice President Mike Pence and the First Lady have both updated their Twitter email addresses, but Trump is yet to take action on this.

There are established proofs of Russian hackers trying to influence the American presidential election, and it’s not a too far-fetched guess that they will try to get information from poorly secured social media accounts. Hence, if President Trump wants to move the political discussion to social media, one would at least expect him and his staff to take adequate actions to secure their accounts.

———————

Anders Hampf
Senior Online Marketing Manager