The two-factor authentication (2FA) notification outage happened after CEO Elon Musk revealed intentions to shut down the bulk of Twitter’s microservices, albeit the cause remains unknown.
Twitter’s mobile SMS two-factor authentication seemed to be down, as users reported not getting confirmation codes.
Twitter’s 2FA problems started on Monday after a message from Twitter CEO Elon Musk, who finalized his $44 billion purchase of the social media behemoth on October 27. According to Musk’s post, Twitter will eliminate “bloatware” microservices, saying that fewer than 20% are required for Twitter to function.
In the hours that followed, a flood of customer complaints claimed that mobile 2FA was not functioning. On Tuesday morning, TechTarget Editorial set up a new Twitter account with mobile authentication but never got an SMS. We next requested to download the Twitter archive of an existing account, and 2FA verification was successful.
Neither Musk nor Twitter has verified that the SMS 2FA service was disrupted. Furthermore, as of press time, Twitter has not replied to TechTarget Editorial’s request for comment.
In a Monday tweet, Kubernetes SIG Security co-chair and Twilio architect Ian Coldwater said that the service was now down and that backup codes may possibly be down.
“Don’t log out if you have SMS 2FA enabled. If you’re still signed in, switch to email, an authenticator app, or a physical security key, “They wrote.
Twitter employee Sheon Han claimed on Monday that if Musk follows through on his plan to switch down 80% of the platform’s microservices, Twitter will face a significant outage “in the next few days.”
Part of today will be turning off the “microservices” bloatware. Less than 20% are actually needed for Twitter to work!
— Elon Musk (@elonmusk) November 14, 2022
Since its conclusion, Musk’s purchase of Twitter has been fraught with controversy. Musk let off nearly 3,700 Twitter workers in early November, accounting for almost half of the company’s workforce. On Nov. 10, former CISO Lea Kissner announced their departure from Twitter, along with the company’s chief privacy officer and chief compliance officer. It is unclear if a new CISO has assumed Kissner’s post.
Furthermore, Twitter’s latest security issues come only months after the social media business was rocked by a whistleblower report from former Twitter security chief Peiter “Mudge” Zatko. Zatko said in his study that numerous Twitter workers had access to critical user data repositories and accused the firm of not monitoring or deleting user data correctly.
Earlier this year, the Federal Trade Commission (FTC) penalized Twitter $150 million for breaching an injunction prohibiting the misleading use of personal information. The corporation has previously acknowledged abusing information supplied by consumers for 2FA, including mobile phone numbers.
“We are really concerned by recent events at Twitter. No CEO or corporation is above the law, and corporations must abide by our consent decrees.” In a comment to TechTarget Editorial, an FTC representative stated. “Our updated consent order provides us with additional instruments to guarantee compliance, and we are ready to put them to use.”
Sharing is Caring!
You are welcome to put this blog article on your website, provided you also append an active link to our website “Source: https://resources.rhyno.io“
For media enquiries, contact us at [email protected].
MANAGED CYBERSECURITY SOLUTIONS
Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.
About Rhyno Cybersecurity Services
Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.
Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.