Jack Dorsey has account hacked

<a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20841976" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20841976</a>

From &#x27;minimaxir: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20842045" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20842045</a><p>&gt; It&#x27;s worth noting the client is Cloudhopper: that has been compromised before.<p>&gt; <a href="https:&#x2F;&#x2F;twitter.com&#x2F;gruber&#x2F;status&#x2F;859857475146854402" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;gruber&#x2F;status&#x2F;859857475146854402</a><p>Looking up the hashtag the attackers used, I came across this blog post alleging the problem being AT&amp;T&#x27;s: <a href="https:&#x2F;&#x2F;www.treyexgaming.com&#x2F;index.php&#x2F;2019&#x2F;08&#x2F;26&#x2F;how-the-same-hacker-has-hacked-over-10-content-creators&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.treyexgaming.com&#x2F;index.php&#x2F;2019&#x2F;08&#x2F;26&#x2F;how-the-sa...</a><p>Food for thought.<p>Regardless of whether the alleged source of insecurity is what happened here, SMS-based authentication was a mistake.

It wasn&#x27;t the first time: <a href="https:&#x2F;&#x2F;www.theverge.com&#x2F;2016&#x2F;7&#x2F;9&#x2F;12134754&#x2F;ceo-jack-dorseys-twitter-account-hack" rel="nofollow">https:&#x2F;&#x2F;www.theverge.com&#x2F;2016&#x2F;7&#x2F;9&#x2F;12134754&#x2F;ceo-jack-dorseys-...</a> Maybe it&#x27;s time to take security a wee bit more seriously Jack.

If it&#x27;s this easy to hack Trump&#x27;s Twitter account and say things that could trigger war, maybe we need to reconsider allowing elected officials to use social media as their official communications channel. Instead, they should have a government run portal where they relay whatever info they need to.

People need to implement PGP for login and message signatures for showing authenticity.