Even Elmo is getting hacked: How safe and secure is Twitter/X nearly three years after Musk’s takeover
Elmo’s account has been secured but the situation is emblematic of the platform’s most troublesome issues, says a Northeastern expert.
Even Elmo isn’t immune to cyberattacks. Over the weekend, the X account of the beloved Sesame Street character was hacked.
On Sunday, racist and antisemitic tweets were posted from the account, as well as attacks on President Donald Trump and his handling of the Jeffrey Epstein controversy. The incident came just days after Grok, Elon Musk’s AI chatbot, began sharing its own antisemitic comments on the platform.
While Elmo’s account has since been secured and the tweets deleted, the situation is emblematic of many of the platform’s most troublesome safety and security issues in the nearly three years since Elon Musk’s takeover, according to a Northeastern University cybersecurity expert.
When Musk first took the helm of the platform, he cleaned house and made major staffing cuts to some of its most vital operations, including trust and safety, laying off 80% of that team by the time layoffs were completed.
“Security teams have been reduced. Trust and safety teams have been reduced. Site and reliability engineering has been reduced,” says Aanjhan Ranganathan, a Northeastern professor in the Khoury College of Computer Sciences.
While the company has since begun to bring on new engineers in security and safety after those layoffs, the impacts of those initial cuts are still being felt, Ranganathan explains.
“When we think about the security triad, what we teach to all our undergrads — confidentiality, integrity and availability — pretty much all three requirements of a secure system have been dramatically affected,” he adds.
Editor’s Picks
Product decisions have also made X worse for combating misinformation and user security, Ranganathan notes. For example, two-factor authentication login via SMS is only available for subscribers of X Premium.
“You should never have to pay for security,” Ranganathan says. “Security should be the default.”
X has also made it more challenging for researchers like Ranganathan to collect data on the platform since access to its APIs — application programming interfaces, which allow systems to communicate and exchange data — has become prohibitively expensive and more restrictive.
“We used to have a lot of access to Twitter’s data,” he says. “Now we don’t have much access at all, and it’s a mess. We don’t know what is a verified account, what is really a true account.”
“I know a lot of social researchers who work in these domains who are trying to understand the behaviors of X users and trends that are coming. It’s become more and more difficult to get any reliable data or experiments out of it.”
Unfortunately, while there are other social media platforms that function similarly to X, namely Mastedon, BlueSky and Threads, they simply do not have the same reach as X, he adds.
While Ranganathan says he recognizes Musk’s contribution as an entrepreneur and technologist, he has real concerns about the direction X is headed.
“I think he runs a fantastic engineering team at Tesla and SpaceX, but I’m not sure how good those policies are applicable when it comes to X,” he says.
Science & Technology
Recent Stories
-
How did Netflix’s ‘KPop Demon Hunters’ take over the world and become a global phenomenon? -
Parasitic diseases researcher talks ‘flesh-eating’ screwworm infection after first confirmed human case in US -
Who is Jane Boleyn? The real story behind the protagonist of Philippa Gregory’s new book, ‘The Boleyn Traitor’