That Twitter hack – it’s all on Twitter says DNS provider

Since the news about Twitter’s homepage being hacked has made the rounds of the tech blogosphere not much more has been said about it. Twitter came out with an update post that said it’s DNS records had been comprised and that they were looking in to but once it pointed the finger at its DNS provider Twitter has seem pretty mum on the subject.

Well it turns out that Twitter itself could actually be the culprit behind the comprised DNS records if the report coming out of Computerworld is correct. In the report the CTO, Tom Daly, of Dyn Inc the company that manages Twitter’s DNS records denied that Dyn infrastructure had been comprised. In addition he told the Washington Post that someone using Twitters credentials logged onto the system and made the changes.

“Someone logged in who purported to be a legitimate user of their [DNS] platform account and started making changes,” Daly told the Post‘s Brian Krebs. “It was not a failing on our systems whatsoever.”

Kyle York, Dyn’s vice president of marketing, echoed that in an interview with Computerworld. “No unauthenticated e-mail address associated with the account accessed the [Twitter] account,” York maintained. “This was not an unauthorized breach of our system.”

When asked whether the Twitter account had been used by someone authorized to do so, or if those account credentials had been pilfered by hackers, York declined to answer directly. “You’ll have to read between the lines,” he said. However, he did point to a tweet on Dyn’s own Twitter feed as having the right explanation.

Source:Computerworld

There has been a lot written about the apparent security problems that seem to plague Twitter and this would seem to be yet another incident that can be added to the list of breaches.