Following Jack Dorsey’s Twitter account getting hi-@jack(ed), Twitter has temporarily yanked the ability to tweet via SMS – one of the possible ways that the account of its founder and CEO got taken over by racist/anti-semitic/bomb-hoaxing hijackers last week.
Twitter announced on Wednesday that it’s doing so due to what it says are vulnerabilities that mobile carriers need to address, and due to its reliance on having a linked phone number for two-factor authentication (2FA) – something it says it’s working to improve.
We’ll reactivate this in markets that depend on SMS for reliable communication soon while we work on our longer-term strategy for this feature.— Twitter Support (@TwitterSupport) September 4, 2019
Dorsey’s account getting hijacked wasn’t the result of a system compromise, Twitter said last week. Rather, it was due to the phone number associated with his account being compromised. That suggests that Dorsey may have been the victim of a SIM swap.
LEARN MORE ABOUT HOW SIM SWAPS WORK
Twitter hack section starts at 31’07, SIM swapping at 33’00”.
Click-and-drag on the soundwaves below to skip to any point in the podcast.
Twitter didn’t indicate how long it would disable SMS support for tweets. It did note, though, that it will “soon” reactivate it in markets that “depend on SMS for reliable communication.” In fact, as of Thursday, Twitter said that it had already turned SMS back on in a few locations that depend on it to tweet.
It was still off for the rest of the world, Twitter said, and would stay off while it works on a “longer-term strategy” for the feature. Twitter didn’t give an estimate regarding how long its longer-term strategy would take.
What to do?
Wrestling back control of a hijacked account can take a long, painful time, particularly if your name isn’t Jack Dorsey. To avoid going through that misery, read our guide to securing your Twitter account.