AP Was Hacked and Twitter's to Blame
Not a banner day for the Associated Press. The news service's Twitter account sent out this tweet at 1:00 p.m.: "Breaking: Two Explosions in the White House and Barack Obama is injured." Within seconds, the Dow Jones Industrial Average dropped more than 150 points; a few minutes later, realizing the account had been hacked, AP deleted the tweet and suspended its activity on the social platform.
A few takeaways: AP is apparently susceptible to hacking just like anyone else who plugs into the internet to share information. That is really not a surprise. Also unsurprising, the agency was exceptionally forthright in mitigating the damage and explaining the mistake. What is surprising, though, is that Twitter Inc. allows itself to remains subject to these sorts of attacks.
Any Twitter users who have ever seen a tweet about a new weight loss plan or received a direct message about the awful things people are saying about them (seriously, I hope this is not just me) knows how vulnerable the platform is. Unfortunately for Twitter, corporations -- recently Burger King and Jeep -- are realizing this as well.
There is a relatively simple solution: two-step authentication for Twitter's accounts. Two-step verification allows users to log on and then provides them with a one-use passcode. Once they are logged in, they can adjust the settings controlling how and where the account can be accessed. Facebook Inc., Google Inc. and Apple Inc. have all started using two-step authentication after either they or their users were hacked. If Twitter expects corporations, politicians and market-moving news services to continue to use its service, it is going to have to provide better security. The AP fixed its problem. Now, it's Twitter's turn.
(Alex Bruns is on the staff of Bloomberg View. Follow him on Twitter.)