Hi guys,

Part of Twitter’s source code has been leaked online, and Elon Musk is currently trying to find the perpetrator. Twitter hosts its source code on a Microsoft system called GitHub, one of the world’s most popular source code repositories and is used by many of the top software companies to manage and maintain their source code. It is unclear if a Twitter employee leaked the source code or if a remote hacker illegally accessed it; this is not very good news for Twitter.

You can read the full story HERE, but here are the main points:

  • Parts of Twitter’s source code were recently leaked online via GitHub, the New York Times reports, but were taken down after the social media platform filed a DMCA request. The request, which GitHub has published online, notes that the leaked information included “proprietary source code for Twitter’s platform and internal tools.”
  • The NYT notes that the source code maybe has been public for several months before being removed — the GitHub profile associated with the DMCA takedown lists a single (non-public) code contribution from early January. The name of the account is listed as “FreeSpeechEnthusiast,” in an apparent reference to Twitter CEO Elon Musk calling himself a “free speech absolutist” in the past.”
  • As well as asking GitHub to take down the code, Twitter submitted a court filing in California to find the person responsible and get information on any other GitHub users who may have downloaded the data. Bloomberg reports that the filing asked the court to order GitHub to reveal users’ names, addresses, telephone numbers, emails, social media profiles, and IP addresses.

From a user perspective, I’m still determining how this will affect you. We have not seen any cybercriminals taking advantage of the source code, but you can be sure they will. Keep Twitter updated on your phone for now, and stay tuned to these tips for any breaking news regarding the subject. It’s within the realm of possibility that depending on how much source code has been leaked, cybercriminals could create a different version that looks and behave the same way as Twitter itself, or they could take advantage of Twitter API access.

I will keep you posted.

All the best,

Max Roberts,
Incognito Privacy Care Team.