Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tribune News Service
Tribune News Service
National
Dana Hull

Twitter source code leak turns into hunt for the perpetrator

Twitter is trying to hunt down the person who leaked proprietary source code that was published online until last week.

The code, which forms the basis for the web service’s platform and internal tools, was posted on GitHub — the widely used code repository that’s now owned by Microsoft Corp., a California court filing submitted by Twitter on Friday shows. GitHub Inc. complied with Twitter’s request to remove the data under a copyright infringement claim and posted Twitter’s request online. The account responsible for the posting, named FreeSpeechEnthusiast, signed up on GitHub at the start of the year and appears to have only uploaded the Twitter cache.

Twitter is now asking the court to issue a subpoena in an effort to uncover the identity of the user behind that account as well as the names and other information of users who posted, downloaded or uploaded the data. The Elon Musk-owned social network has already asked GitHub for related names, addresses, telephone numbers, emails, social media profiles and IP addresses.

GitHub declined to comment on its decision to remove the content and pointed to its publication of Twitter’s takedown request. Twitter didn’t specifically respond to an emailed request for comment about the data breach.

Exposing Twitter’s internal workings may make the service more vulnerable to hacking attempts.

The incident isn’t the first time a tech company has had its source code exposed. Last year, password management service LastPass disclosed that hackers had stolen source code and technical information. In December, source code associated with Uber Technologies Inc.’s mobile management platforms was reported to have been leaked as part of a hack.

The hacking group Lapsus$ has taken credit for several leaks including source code for Microsoft Corp.’s Bing search engine and its virtual assistant Cortana. In a breach disclosed in December 2020, suspected Russian hackers compromised popular software from Texas-based firm SolarWinds Corp., inserting malicious code into updates for SolarWinds software, an attack that also impacted Microsoft source code.

The FreeSpeechEnthusiast username chosen by the Twitter leaker appears designed to poke fun at Musk, who suggested he would bring free speech to the platform when he took over the company late last year.

(With assistance from Shiyin Chen.)

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.