Fail: Twitter’s CFO has Twitter account hacked


Twitter Inc. Chief Financial Officer Anthony Noto had his Twitter account hacked Tuesday, possibly highlighting once again the microblogging platform’s ongoing security issues.

Noto’s account, established in 2009, started tweeting spam messages at mid-morning PST, with messages targeted at users that included “this pic of you is funny!” and “I can’t stop laughing!” along with links to a Romanian-registered phishing website.

The hack went on for some time until it was eventually picked up by Twitter, who then suspended the account and deleted the spam tweets.

The gossip on how Noto’s account was hacked points to a phishing email, with Peter Kafka at Re/Code saying that “It doesn’t require much effort to imagine that Noto clicked on a spam link to set this into motion.”

Noto’s only response to the hacking was a single tweet saying he was “back on the field.”

Noto’s Twitter account has been in the news previously after he confused sending a direct message (DM) on Twitter with an @ reply, and posted private details of Twitter’s desire to acquire a company back in November 2014.

Security is somewhat of a Catch-22 for Twitter. On one hand, it needs to provide a platform that is easy to use and access and that also integrates with third-party services: not just Twitter-specific apps, but also applications that use a Twitter account as an authenticated login service. Add to that the fact that you can’t stop people from being stupid when it comes to things such as simple passwords, or falling for obvious phishing emails.

But likewise, there’s still a lot of work Twitter could be doing, doubling down, if you like, on beefing up its security and preventing a good many of these account hacks from happening in the first place.

Image credit: Business Insider.