Some contractors at Cognizant, a company where several content moderators were recently exposed admitting that they delete posts for politically motivated reasons, had access to internal Twitter tools that could change user account settings and give control of accounts to others, according to two former Twitter employees who are familiar with the company’s security practices.
Reuters is reporting that more than 1,000 Twitter employees and contractors had access to these internal tools as of earlier this year and that this number included some contractors at Cognizant – a contractor that moderates content for Facebook, Twitter, and other social media companies.
There is no evidence to suggest that anyone at a third-party company such as Cognizant was in any way involved in the breach – in fact, Twitter’s statements on the matter only implicate its own employee(s). However, considering that in March 2011 the Federal Trade Commission (FTC) accepted Twitter’s final settlement over charges that it failed to safeguard personal information, it would be surprising for Twitter to allow third-party companies such access to user accounts in the way Reuters is suggesting.
The FTC charges accused Twitter of granting almost all of its employees the ability to exercise administrative control of the Twitter system, including the ability to reset a user’s account password, view a user’s non-public tweets and other non-public user information, and send tweets on behalf of a user from approximately July 2006 until July 2009.
Previous undercover investigations of Cognizant’s Facebook content moderation have revealed political bias among the moderators, with several moderators stating that this bias influences how they moderate content.
Multiple content moderators spoke about how they remove pro-Trump posts for “revenge” and because it’s “more impactful.”
“Yeah. I will delete all Republicans yeah,” one moderator stated. “If someone is wearing a MAGA [Make America Great Again] hat, I am going to delete them for terrorism and just going to, like, go crazy.”
In addition to these statements, former content moderator Zach McElroy revealed that moderators were told to leave up a violent anti-Trump meme but take down a cartoon anti-Democrat meme.
One of Cognizant’s policy and training managers, who was overseeing more than 1,000 employees, also told content moderators to carve out special Facebook “hate speech” policy exceptions in two instances.
One of these instances was during Pride Month 2018, when content moderators were told that comments usually flagged as hate speech would suddenly be permitted if they were “intended to raise awareness for Pride/LGBTQ.”
The other exception was for CNN anchor Don Lemon’s comments that “the biggest terror threat in this country is white men.” This was acknowledged as something that would typically violate Facebook’s hate speech rules but given a policy exception because it’s a “newsworthy event.”
Twitter declined to comment on the number of employees and Cognizant contractors that have access to its internal tools and wouldn’t say whether the number declined before or since the hack that occurred last week.
The hack led to multiple high-profile accounts being taken over, including those of presumptive Democratic presidential nominee Joe Biden, former president Barack Obama, Tesla and SpaceX CEO Elon Musk, Amazon CEO Jeff Bezos, rapper Kanye West, and investor and philanthropist Bill Gates.
In its post about the hack, Twitter wrote that the hackers “successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems” and added that the employees were targeted through a “social engineering scheme.”
Twitter also revealed that the hackers used their access to Twitter’s internal support tools to target 130 Twitter accounts. The hackers were able to log in to 45 of these accounts and send tweets, access the Direct Messages (DMs) inbox for 36 of the accounts (including the account of one elected official in the Netherlands – Geert Wilders), and download the account information of eight of the accounts through the “Your Twitter Data” tool (this information includes DMs).
Twitter added that the hackers may have been able to view additional information on the accounts that were taken over and that hackers were able to view personal information including email addresses and phone numbers.
Twitter CEO Jack Dorsey admitted on Twitter’s Q2 2020 earnings call: “We fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools.”
According to the former Twitter employees, giving 1,000+ employees and contractors access to these tools as of earlier this year made it difficult to defend against the hack.
The hack, and the subsequent revelations about how much data was accessed and the number of employees that reportedly had access to account takeover tools, are the latest of several Twitter security incidents.
Last year, two former Twitter employees were charged with spying for the Saudi government and accused of accessing more than 6,000 Twitter accounts, including the accounts of high-profile critics of the Saudi Kingdom.
In November 2017, President Trump’s Twitter account was taken down for 11 minutes by a Twitter customer support employee on their last day.