When Twitter was hacked earlier this month, it prompted the social media platform to launch an investigation into how it happened, as well as find out what holes needing plugging within its own internal controls.
Following that decision, there have been several revelations as to how poor the internal controls at the company were, with access to user accounts far less stringent than they should have been.
The latest revelation comes via a Bloomberg report, which states that employees at the company would spy on celebrities via their accounts.
It should be noted that the aforementioned report cites incidents in 2017 and 2018, so it remains to be seen whether this is a common practice today.
That said, it is concerning nonetheless, especially as several high-profile accounts were hacked recently, with some DMs seemingly being improperly accessed too.
“The controls were so porous that at one point in 2017 and 2018 some contractors made a kind of game out of creating bogus help-desk inquiries that allowed them to peek into celebrity accounts, including Beyonce’s, to track the stars’ personal data including their approximate locations gleaned from their devices’ IP addresses,” Bloomberg writes.
Also of concern are reports that Twitter’s own security team found it difficult to keep track of intrusions as a result of employees spying on celebrity accounts.
It seems like Twitter contractors were also privy to the spying practices at the company, with Bloomberg citing a current contractor in Cognizant in its report.
This would track with the a recent story that found that more than 1000 employees and contractors had access to user accounts, and were potentially a contributing factor to this month’s massive hack.
For now, Twitter has not officially commented on the Bloomberg report, but as the company continues to investigate the fallout of its hack, it will be interesting to see what other revelations surface.