Twitter has decided to pull the ability to tweet via SMS after a second high profile account was hijacked using the same method employed on Jack Dorsey’s personal account last week. There’s no word on when it might be made available again, but Twitter says it’s working on it.
A week ago, hackers took over Jack Dorsey’s personal Twitter account and used it to tweet racial slurs and antisemitic messages. The group calls itself the Chuckle Squad, and was able to do this by exploiting a vulnerability in Cloudhopper, a service that was acquired by Twitter to bolster its Tweet via SMS feature. At the time, the company said it was able to solve the issue and that the main system hasn’t been compromised.
Earlier today, it happened again for actress Chloe Moretz, and shortly after Twitter announcedit will temporarily pull the ability to tweet via SMS as a way to ensure people’s accounts are protected from further hack attempts. The company blames mobile carriers just as much as it does itself, and added that it is “taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication.”
Old school Twitter users can remember a time before apps were all the rage, when they would tweet via SMS – which is where Twitter got the idea for a character limit. The feature is likely still useful in places where internet connectivity is a luxury, and for the time being the decision will affect their ability to communicate on the platform.
Still, Twitter promised to reactivate the feature as soon as it figures out a way to prevent hackers from using a user’s phone number to hijack their account. In the meantime, it is working on its “longer-term strategy for this feature,” but has yet to go into detail about what that means.