Published Date: 2018-05-03
Postmortem Analysis | |
---|---|
Timeline | 1. The software failure incident at Twitter, where passwords were stored in plaintext due to a bug, happened in May 2018 [Article 71490, Article 71254]. |
System | 1. Twitter's cybersecurity program and practices [132443] 2. Twitter's password hashing system [71490, 71254] |
Responsible Organization | 1. Twitter executives, as named in the whistleblower complaint [132443] 2. Twitter's engineering organization, which owned the password hashing and logging code in which the bug occurred [71490, 71254] |
Impacted Organization | Twitter's user base, reported at a different size by each article: 1. 238 million daily users [132443] 2. 330 million users [71490] 3. 336 million users [71254] |
Software Causes | 1. A bug in Twitter's password handling wrote passwords to an internal log before the masking/hashing step completed, so plaintext copies were stored inside Twitter's systems instead of only the hash [71490, 71254]. 2. The whistleblower complaint alleges broader cybersecurity failures: privacy and security problems, a high rate of security incidents, security and software updates disabled on employees' devices, and excessive staff access to user data [132443]. |
Non-software Causes | 1. Lack of proper oversight in the hiring process leading to foreign agents being embedded within Twitter [132443] 2. Concerns about Twitter's plans to create an Only Fans competitor and issues related to child sexual exploitation and nonconsensual nudity on the platform [132443] |
Impacts | 1. The software failure incident at Twitter, where passwords were stored in plaintext in an internal log due to a bug, led to the company urging its users to change their passwords as a precaution [Article 71490, Article 71254]. 2. The incident caused concerns about potential breaches or misuse of the stored passwords, prompting Twitter to take action to prevent such incidents in the future [Article 71490, Article 71254]. 3. The glitch in Twitter's password hashing process highlighted a cybersecurity slipup that could have had major effects on the security of millions of users' information [Article 71490]. 4. The incident raised questions about the effectiveness of Twitter's security practices and the need for users to enhance their account security measures, such as enabling two-factor authentication and using password managers [Article 71254]. |
Preventions | 1. Implementing a comprehensive security program and ensuring compliance with regulatory orders [132443]. 2. Conducting regular audits and independent measurements of security standards and goals [132443]. 3. Enforcing strict access controls and monitoring for foreign agents within the company [132443]. 4. Following industry-standard security practices such as hashing passwords and encrypting sensitive data [71490, 71254]. |
Fixes | 1. Fixing the bug and putting plans in place to prevent a recurrence, so that passwords are hashed before anything is written to internal storage or logs [71490]. 2. Enabling two-factor authentication on Twitter accounts to add an extra layer of security [71254]. 3. Using a password manager to create strong, unique passwords for every service used [71254]. |
References | 1. Former head of security at Twitter, Peiter "Mudge" Zatko [132443] 2. Twitter CEO Jack Dorsey [71490] 3. Twitter Chief Technology Officer Parag Agrawal [71490] 4. Twitter's official blog post [71254] |
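The failure in the Software Causes row is a logging bug, not a hashing bug: the hash function was fine, but the request reached a log sink before it ran. The example below is added here and is not Twitter's code. It shows the bug pattern (logging the raw request, then hashing) next to the hardened form the Fixes row calls for (hash first, log only non-secret fields, and redact secret-looking fields at the logger so a future code path cannot reintroduce the leak), plus the check a responder would run over the log lines. PBKDF2-HMAC-SHA256 from the standard library stands in for Twitter's real scheme (its blog post named bcrypt); the field names, log format and sample credential are assumptions made for the example.

```python
import hashlib
import hmac
import io
import logging
import os
import re

# PBKDF2-HMAC-SHA256 stands in for the real password scheme; 600k iterations
# follows current OWASP guidance for this algorithm (assumed, not Twitter's value).
ITERATIONS = 600_000


def hash_password(password, salt=None):
    """Return a self-describing 'pbkdf2_sha256$iters$salt$digest' string."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt.hex(), digest.hex())


def verify_password(password, stored):
    """Recompute the digest for the stored salt and compare in constant time."""
    _algo, iters, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def make_logger(name):
    """Logger that writes to an in-memory buffer so the example runs offline."""
    buf = io.StringIO()
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    return logger, buf


def vulnerable_signup(logger, username, password):
    """The bug pattern: the whole request is logged before hashing completes."""
    logger.debug("signup request: %s", {"username": username, "password": password})
    return hash_password(password)


# Defence in depth: scrub anything shaped like a secret field (quoted or bare
# value, JSON/dict or key=value style) even if some code path logs a request.
_SECRET_FIELD = re.compile(
    r"""(['"]?(?:password|passwd|token|secret)['"]?\s*[:=]\s*)"""
    r"""(?:'[^']*'|"[^"]*"|[^'",}\s]+)""",
    re.IGNORECASE)


class RedactSecrets(logging.Filter):
    """Rewrite each record's message so secret-looking fields never reach a sink."""

    def filter(self, record):
        record.msg = _SECRET_FIELD.sub(r"\1[REDACTED]", record.getMessage())
        record.args = ()  # message is already rendered; nothing left to format
        return True


def hardened_signup(logger, username, password):
    """Hash first, then log only non-secret fields; the filter is the backstop."""
    stored = hash_password(password)
    logger.debug("signup request: username=%s hash_scheme=%s",
                 username, stored.split("$")[0])
    return stored


def lines_containing_secret(log_text, secret):
    """Responder's check: which captured log lines carry the plaintext credential?"""
    return [line for line in log_text.splitlines() if secret in line]


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample credential
    log, buf = make_logger("vuln")
    vulnerable_signup(log, "alice", pw)
    print("vulnerable log leaks:", lines_containing_secret(buf.getvalue(), pw))

    log, buf = make_logger("safe")
    log.addFilter(RedactSecrets())
    stored = hardened_signup(log, "alice", pw)
    log.debug("debug dump: %s", {"username": "alice", "password": pw})  # caught by filter
    print("hardened log leaks:", lines_containing_secret(buf.getvalue(), pw))
    print("verify:", verify_password(pw, stored), verify_password("wrong", stored))
```

The regex filter is a safety net, not the fix: the fix is ordering (hash before anything touches a log) and logging fields rather than whole request objects. A log scan like `lines_containing_secret` is also how an incident responder scopes how long plaintext sat in a log and which retention copies need purging, which is why the password-change advice in the Fixes row was precautionary rather than evidence of a breach.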
Category | Option | Rationale |
---|---|---|
Recurring | one_organization, multiple_organization | (a) The software failure incident having happened at one_organization: - Twitter experienced a software failure incident in 2018 in which passwords were stored in plaintext in an internal log [Article 71490]. - The incident was caused by a bug in Twitter's password hashing path: passwords were written to the log before the masking/hashing step completed [Article 71490]. - Twitter's Chief Technology Officer, Parag Agrawal, acknowledged the issue and recommended that users change their passwords as a precaution [Article 71490]. (b) The software failure incident having happened at multiple_organization: - Storing passwords in plaintext because of a bug is not unique to Twitter; the same article notes that T-Mobile Austria and GitHub faced similar issues in the past [Article 71490]. - Plaintext password storage is a well-known and recurring class of security failure [Article 71490]. |
Phase (Design/Operation) | design, operation | (a) design: the plaintext logging was introduced in the code itself. A bug in the password hashing path wrote passwords to an internal log before the masking/hashing step completed, which is a defect introduced during development, not something an operator configured [71490]. (b) operation: the plaintext copies then sat in Twitter's internal logging systems until the company found them itself, and the handling of the incident was operational. Twitter reported no evidence of breach or misuse, but because an internal log holding plaintext credentials is a risk of misuse for as long as it exists, it advised users to change their password on Twitter and on any other service where they had reused it, and to enable two-factor authentication [71254]. |
Boundary (Internal/External) | within_system, outside_system | (a) within_system: - Article 71490 reports that Twitter discovered a bug in its own systems that stored passwords in plain text in an internal log: passwords were written to the log before the masking/hashing process completed, so plaintext existed inside Twitter's infrastructure even though only a hash was meant to be stored [71490]. (b) outside_system: - Article 132443 covers the former head of security's complaint about Twitter's exposure to external actors such as teenagers, thieves and spies, and the allegation that foreign agents, including from China and India, were embedded in Twitter's staff, raising concerns about foreign influence on the platform [132443]. |
Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident occurring due to non-human actions: - Article 71490 reports that Twitter urged its users to change their passwords after a bug stored passwords in plain text in an internal system. The bug sat in Twitter's password hashing path: passwords were written to an internal log before the masking/hashing process completed, so the system itself produced the plaintext copies [71490]. (b) The software failure incident occurring due to human actions: - Article 132443 discusses a whistleblower complaint filed against Twitter by its former head of security, Peiter "Mudge" Zatko. The complaint alleges various privacy and security problems at Twitter, including executives prioritizing user growth over privacy and security, employees disabling security and software updates, and staff having too much access to user data, so that part of the failure is attributed to human decisions within the company [132443]. |
Dimension (Hardware/Software) | software | (a) The software failure incident occurring due to hardware: - None of the articles attributes either incident to hardware; nothing in the sources suggests a hardware cause. (b) The software failure incident occurring due to software: - Both incidents are attributed to software and software practice. In Article 71490, Twitter urged its users to change their passwords after discovering a bug that stored passwords in plain text in an internal system; the bug was in Twitter's password hashing path, which wrote passwords to a log before they were hashed, in violation of standard security practice [71490]. - In Article 132443, Twitter's former head of security alleged that the company prioritized user growth over privacy and security, pointing to a high rate of security incidents, security and software updates disabled by employees, and excessive staff access to user data [132443]. |
Objective (Malicious/Non-malicious) | non-malicious, malicious | (a) non-malicious: the password logging incident was a bug, not an attack. Twitter found it itself, reported no evidence of breach or misuse, and the remedy was to fix the hashing path and advise a precautionary password change [71490, 71254]. (b) malicious: the whistleblower complaint filed by Twitter's former head of security, Peiter "Mudge" Zatko, mostly describes negligence rather than intent (executives prioritizing user growth over privacy and security, hiding bad news instead of fixing problems, a high rate of security incidents), but it also alleges that foreign agents, including from China and India, were embedded at Twitter, which would be a deliberate attempt to reach user data; that allegation is the only malicious element the articles describe [132443]. |
Intent (Poor/Accidental Decisions) | poor_decisions, accidental_decisions | (a) poor_decisions: - Article 132443 highlights how Twitter's former head of security, Peiter "Mudge" Zatko, filed a whistleblower complaint against Twitter, alleging that the company prioritized user growth over privacy and security. This indicates poor decisions made by Twitter executives in managing security concerns [132443]. - The same article mentions that Twitter allegedly violated an 11-year-old settlement with the FTC by falsely claiming it had a comprehensive security program. This failure to comply with regulatory orders also points towards poor decisions made by the company [132443]. - Additionally, the article discusses concerns raised by US lawmakers about Twitter's handling of data and security, indicating a lack of effective decision-making processes within the company [132443]. (b) accidental_decisions: - Article 71490 reports on a bug in Twitter's password hashing process that led to passwords being stored in plaintext in an internal log. This incident is described as a bug rather than a deliberate action, suggesting it was an accidental decision or mistake that led to the security issue [71490]. - The article mentions that Twitter CEO Jack Dorsey acknowledged the bug that caused account passwords to be written to an internal log before completing the masking/hashing process. This acknowledgment implies that the incident was unintentional rather than a deliberate action [71490]. - Twitter's chief technology officer, Parag Agrawal, apologized for downplaying the effects of the problem, indicating that the initial response may have been accidental or unintended [71490]. |
Capability (Incompetence/Accidental) | development_incompetence, accidental | (a) The software failure incident occurring due to development incompetence: - Article 132443 mentions how Twitter's former head of security, Peiter "Mudge" Zatko, filed a whistleblower complaint against Twitter, alleging various privacy and security problems at the company. He accused Twitter executives of prioritizing user growth over privacy and security, hiding bad news instead of fixing problems, and having a culture where employees react to crises rather than proactively preventing them. This indicates a failure in professional competence and decision-making within the development organization [132443]. (b) The software failure incident occurring accidentally: - Article 71490 reports that Twitter urged its users to change their passwords after discovering a bug that stored passwords in plaintext in an internal log. The company stated that the problem occurred due to a bug in Twitter's password hashing, where passwords were written to an internal log before completing the masking/hashing process. This accidental storage of passwords in plaintext was not intentional but resulted from a bug in the system [71490]. |
Duration | temporary | The software failure incident reported in the articles is temporary. This is evident from the fact that the incident was caused by a bug in Twitter's password hashing process, leading to passwords being stored in plaintext in an internal log [Article 71490]. The company acknowledged the issue, fixed the bug, and took steps to prevent it from happening again. Twitter's chief technology officer also advised users to change their passwords and enable two-factor authentication as a precaution [Article 71254]. |
Behaviour | value, other | (a) crash: no crash or outage is reported in any of the articles; Twitter's service kept running throughout the password incident [71490, 71254]. (b) omission: There is no specific mention of an omission behavior in the articles provided. (c) timing: There is no specific mention of a timing behavior in the articles provided. (d) value: Article 71490 describes a value failure in the password path: the system produced the wrong output, writing the plaintext password to an internal log where only a masked or hashed value should have appeared [71490]. (e) byzantine: There is no specific mention of a byzantine behavior in the articles provided. (f) other: Article 132443 describes failures that are organizational rather than a runtime behavior of the software: the former head of security alleged that executives hid bad news instead of fixing problems, that security and software updates were disabled on employee devices, that staff had excessive access to user data, and that these practices left the platform vulnerable to exploitation and caused harm to users [132443]. |
Layer | Option | Rationale |
---|---|---|
Perception | None | None |
Communication | None | None |
Application | None | None |
Category | Option | Rationale |
---|---|---|
Consequence | property, non-human, theoretical_consequence | (a) death: People lost their lives due to the software failure - There is no mention of any deaths resulting from the software failure incidents reported in the articles [132443, 71490, 71254]. (b) harm: People were physically harmed due to the software failure - The articles do not mention any physical harm caused to individuals [132443, 71490, 71254]. (c) basic: People's access to food or shelter was impacted because of the software failure - There is no information about access to food or shelter being affected [132443, 71490, 71254]. (d) property: People's material goods, money, or data was impacted due to the software failure - Users' data was affected: plaintext passwords existed in an internal log, users were told to change their passwords, and the whistleblower complaint alleges weak protection of user data generally [132443, 71490, 71254]. (e) delay: People had to postpone an activity due to the software failure - There is no mention of any activities being postponed [132443, 71490, 71254]. (f) non-human: Non-human entities were impacted due to the software failure - Twitter's own systems were affected: plaintext credentials sat in internal logs, and the complaint alleges weakened internal controls and foreign agents inside the company, with the associated risk of espionage [132443, 71490, 71254]. (g) no_consequence: There were no real observed consequences of the software failure - Not applicable; the incidents had consequences for data security and privacy [132443, 71490, 71254]. (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur - The articles discuss possible breach, misuse of the logged passwords and compromise of user data, but report no indication that any of these actually occurred [132443, 71490, 71254]. (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? - No other consequences are mentioned beyond data security, privacy and the alleged espionage risk [132443, 71490, 71254]. |
Domain | information, finance | (a) The failed system in the incident was related to the information industry, specifically social media platforms like Twitter. The incident involved cybersecurity failures at Twitter, which made the platform vulnerable to exploitation and caused harm to real people [Article 132443]. The incident included issues such as privacy and security problems, employees disabling security and software updates, and concerns about user data access [Article 132443]. (h) The incident also has implications for the finance industry as it involves allegations of Twitter lying to potential buyer Elon Musk about the number of bots on its platform [Article 132443]. This aspect of the incident could impact financial decisions and the reputation of the company in the context of a potential acquisition. (m) The incident could also be related to other industries such as technology and cybersecurity. The failure highlights the importance of robust security measures in technology companies, especially those handling sensitive user data like social media platforms [Article 132443]. |
Article ID: 132443
Article ID: 71490
Article ID: 71254