CNN reports:
The same hacker who breached 500 ISIS accounts on Twitter has a message for President Trump: change your security settings ASAP. According to a man who identifies himself online as WauchulaGhost, the president, vice president, and first lady are more vulnerable to hackers because of a basic Twitter security setting they’re not using.
WauchulaGhost contacted me about these insecurities on Saturday. I spent the last three days trying to reach the White House for their response to WauchulaGhost’s claims. I sent multiple emails, including several directly to Dan Scavino, Donald Trump’s head of social media.
According to WauchulaGhost, @POTUS, @FLOTUS and @VP are more vulnerable because they haven’t selected a basic security feature on Twitter that requires you to provide a phone number or email address to reset your password. The current security setting for these three accounts allows anyone to click on “forgot password” and type in @FLOTUS, @POTUS or @VP.
The next screen says “we found the following information associated with your account” and gives a partially redacted email address to which it will send a password recovery link. WauchulaGhost says being able to fill in the missing letters and guess someone’s email address is the first step hackers take when trying to breach an account.
Are you actually fucking kidding me
(and yes this is real, @POTUS is tied to a Gmail account) pic.twitter.com/LUdeNkEF1O
— Alex Zalben (@azalben) January 26, 2017
I THINK there was some sort of discussion about unsecured, personal e-mail addresses being used for government business during the campaign?
— Alex Zalben (@azalben) January 26, 2017
Seven days! SEVEN DAYS, they've had the President's Twitter account attached to a PERSONAL E-MAIL ADDRESS.
— Alex Zalben (@azalben) January 26, 2017