The account was down for 11 minutes. Twitter is investigating the incident, but two sources told the New York Times the culprit is now believed to be a third party.
“The fact that the person who disabled President Trump's Twitter account may have been a contractor is a powerful example that demonstrates that organisations are on the hook when any third party with access to their data makes a mistake, whether intentional or accidental,” said Fred Kneip, CEO, CyberGRX. “This contractor is likely one of tens of thousands of third parties Twitter interacts with, any one of whom has the ability to do high-profile and lasting damage to the company's brand value and bottom line.”
Kneip noted that “while even the most thorough risk assessment can't guarantee that one rogue contractor won't make a bad decision, it can uncover red flags that point to weak security controls, leaving the company vulnerable.”
Original story reported on the day, below:
Twitter Government has issued a statement (see below) confirming that US President Donald Trump had his Twitter account temporarily deactivated by a departing customer support employee, demonstrating that even your most important customer can be hit by the actions of a relatively junior employee.
Twitter described the action as human error, but given that it was the un-named person's last day, it looks more like the deliberate action of a malicious insider. The term is used here in its technical sense and not as a pejorative description of the action itself, which garnered wide support on Twitter, with many calling the person a hero. Others pointed out that it was potentially a federal offence under 18 US Code 1362, which covers interference with government communication lines, stations and systems and carries penalties of up to 10 years in prison.
Twitter says it has implemented safeguards to stop it happening again.
Jackson Shaw, senior director of products for One Identity, emailed SC to comment: "The employee was able to go rogue because there was insufficient protection of Trump's Twitter account. I'm sure there was no process to take the rogue employee's access away when he or she resigned. In fact, I'm sure their access was informally given: 'Here's the Twitter password', versus actually granting access by an Identity Access Management or Privileged Access Management system.
"This goes to show that Twitter and other social media accounts count as privileged accounts and should be treated just as if they are part of a company's most valuable IT assets. Reputation has incalculable value - as shown in this example. It should be protected accordingly."
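As an added illustration of the two controls Shaw's comment argues for, here is a toy support console in Python. It is not code from the article, from Twitter or from One Identity, and it does not describe what Twitter's own safeguards look like. It assumes a policy that a leaver's console access is cut off at the start of their final working day, a "support_lead" role that can approve destructive actions, and a "protected" flag on high-value accounts; every name, date and handle in it is constructed for the example.

```python
"""
Added example (not from the article, Twitter or One Identity) of two controls
a privileged support console could enforce:

  1. Leaver deprovisioning: a departing employee's access is invalid from the
     start of their last working day (policy assumption for this example), and
     a reconciliation job lists any grant that was never formally revoked.
  2. Protected accounts: deactivating an account flagged as high-value needs a
     second, distinct approver holding a lead role, so one agent cannot act alone.

All names, dates, roles and handles below are constructed for the example.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional


@dataclass
class Employee:
    user_id: str
    role: str                         # "support_agent" or "support_lead" (assumed roles)
    last_day: Optional[date] = None   # None: no departure scheduled


@dataclass
class AccessGrant:
    user_id: str
    system: str                       # e.g. "support_console"
    revoked: bool = False


@dataclass
class Account:
    handle: str
    active: bool = True
    protected: bool = False           # high-value: two-person rule applies


class DeactivationError(Exception):
    """Raised when a deactivation request fails a control check."""


def access_is_valid(emp: Employee, grant: AccessGrant, today: date) -> bool:
    """Usable only if not revoked and the employee has not reached their last day."""
    if grant.revoked:
        return False
    if emp.last_day is not None and today >= emp.last_day:
        return False
    return True


def find_overdue_grants(employees: Dict[str, Employee],
                        grants: List[AccessGrant], today: date) -> List[AccessGrant]:
    """Reconciliation: live grants for people who have left or are not on the roster.
    Every hit is a deprovisioning failure to fix and investigate."""
    overdue = []
    for g in grants:
        if g.revoked:
            continue
        emp = employees.get(g.user_id)
        if emp is None or (emp.last_day is not None and today >= emp.last_day):
            overdue.append(g)
    return overdue


def _valid_console_user(user_id, employees, grants, today) -> Optional[Employee]:
    emp = employees.get(user_id)
    if emp is None:
        return None
    for g in grants:
        if g.user_id == user_id and g.system == "support_console" and access_is_valid(emp, g, today):
            return emp
    return None


def deactivate(account: Account, actor_id: str, approver_id: Optional[str],
               employees, grants, today: date, audit: List[dict]) -> None:
    """Deactivate `account` on behalf of `actor_id`, enforcing both controls."""
    actor = _valid_console_user(actor_id, employees, grants, today)
    if actor is None:
        raise DeactivationError(f"{actor_id} has no valid support_console access")
    if account.protected:
        if approver_id is None or approver_id == actor_id:
            raise DeactivationError("protected account: a second, distinct approver is required")
        approver = _valid_console_user(approver_id, employees, grants, today)
        if approver is None or approver.role != "support_lead":
            raise DeactivationError("protected account: approver must hold a valid lead role")
    account.active = False
    audit.append({"date": today.isoformat(), "action": "deactivate",
                  "account": account.handle, "actor": actor_id, "approver": approver_id})


def run_demo():
    """Constructed scenario: an agent on their last day, a staying agent, a lead."""
    today = date(2017, 11, 2)
    employees = {
        "agent_leaving": Employee("agent_leaving", "support_agent", last_day=today),
        "agent_staying": Employee("agent_staying", "support_agent"),
        "lead": Employee("lead", "support_lead"),
    }
    grants = [AccessGrant(u, "support_console") for u in employees]  # nothing revoked: the failure mode
    account = Account("@high_profile_example", protected=True)
    audit, outcomes = [], {}
    for actor, approver in [("agent_leaving", None), ("agent_staying", None),
                            ("agent_staying", "agent_staying"), ("agent_staying", "lead")]:
        try:
            deactivate(account, actor, approver, employees, grants, today, audit)
            outcomes[(actor, approver)] = "ok"
        except DeactivationError as e:
            outcomes[(actor, approver)] = str(e)
    overdue = [g.user_id for g in find_overdue_grants(employees, grants, today)]
    return outcomes, overdue, account.active, audit


if __name__ == "__main__":
    for line in run_demo():
        print(line)
```

The reconciliation job is the detective control: it reports the leaver's grant as overdue even though nobody revoked it. The two-person rule is the preventive one: a lone agent, leaving or not, cannot deactivate a protected account without a distinct lead approving, and the approval is written to the audit record.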
Twitter Government (@TwitterGov), quoting its earlier statement:
"Through our investigation we have learned that this was done by a Twitter customer support employee who did this on the employee's last day. We are conducting a full internal review."
The earlier statement from @TwitterGov:
"Earlier today @realdonaldtrump's account was inadvertently deactivated due to human error by a Twitter employee. The account was down for 11 minutes, and has since been restored. We are continuing to investigate and are taking steps to prevent this from happening again."
2:00 AM - 3 Nov 2017