As we mentioned in our first post, the basic idea for Tripwi.re InboxAlarm sprang about because of the Twitter hack. For a dissection of how the site was attacked, Techcrunch has a very interesting article here.

But for the busy reader, here is a Spark Notes version:

• Twitter’s fast rise to prominence made it a tantalizing target for hackers.  It grew from a scrappy upstart micro-blogging platform into a start-up superstar.  Along the way, several events assisted in propelling Twitter into the mainstream:
  
  • Plane Crash in Colorado
  • “Miracle on the Hudson” - more on this one later
    
  • The race to 1 million followers between Ashton Kutcher and CNN
  • Oprah’s discovery of Twitter
    
  • The Iran Election

• With enough patience, a hacker can eventually find a chink in the armor.  In this case, the hacker broke into an employee’s personal email account.  He was able to snoop around for days undetected.  Because he had days instead of minutes inside the inbox, he was able to gain more information.  This is as though a burglar broke into your house and rather than steal a few things quickly, he moved in and realized he could steal everything!  From this one break-in, the hacker was able to uncover other passwords in the inbox that he used for even more nefarious intrusion.  The break-in escalated from a random employee all the way up to the founders Evan Williams and Biz Stone.  The company did not have any clue that there was a problem.

• The Results: 310 documents were stolen by the hacker and subsequently sent to tech blogs such as TechCrunch and others. This resulted in substantial negative press about the security issues at Twitter and its employees. It also showed the inner working of the company and the potential business deals that Twitter was working on.

• If Tripwi.re InboxAlarm technology had been in place the hacker would have inadvertently opened an email and triggered our digital burglar alarm and instantly alerted the user. At this point they could have closed down the compromised account and had the security holes fixed. This was an extreme case, but no matter who you are, it is important that you take the appropriate steps to protect yourself.
  • First, make sure you don’t repeat your passwords and do lie on your secret questions.  Take a look at our password advice post.
  • Second, sign up for Tripwi.re InboxAlarm so that you can put decoy emails in your email just in case a hacker does get into you account. Time is money; the faster you know you have been compromised the faster you can fix the problem.

This entry was posted on Wednesday, August 19th, 2009 at 11:55 pm and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.