New York state financial regulators are calling for the imposition of cybersecurity standards on social media giants such as Twitter Inc. following an investigation into a hack of celebrity Twitter accounts as part of a crypto fraud scheme.
The New York State Department of Financial Services (DFS) has released a report detailing the results of its investigation into a hack of high-profile Twitter accounts that took place on July 15 as part of a Bitcoin fraud.
The report found that the hack involved simple social engineering to obtain the login credentials of high-profile Twitter users, including Barack Obama, Kim Kardashian West and Jeff Bezos, along with the accounts of several crypto companies.
The hackers then used these accounts to call for followers to send Bitcoin payments, which resulted in the loss of over US$118,000.
The report found that regulated cryptocurrency companies, such as Coinbase, Square, Gemini Trust Company and Bitstamp “responded quickly to block attempted transfers to the Bitcoin addresses the fraudsters used.”
However, the report also concluded that Twitter “lacked adequate cybersecurity protection,” including measures required by the DFS under its cybersecurity rules.
As a result, the DFS recommended that big social media companies “should be designated as systemically important institutions with prudent regulation to manage heightened cybersecurity risk.”
“As we approach an election in fewer than 30 days, we must commit to greater regulatory oversight of large social media companies. The integrity of our elections and markets depends on it,” said Linda Lacewell, superintendent of financial services at the DFS.
In a statement, New York governor Andrew Cuomo said that the DFS investigation “demonstrates a regulatory gap that must be filled if we are to protect our financial and political systems from cyber-attacks and misinformation campaigns.”