While much of the tech
blogosphere was embroiled Wednesday in
a debate over the ethics of
publishing internal documents allegedly stolen from Twitter by a malicious French hacker,
others were concerned with how a cybercriminal was able to access a tech-savvy company's private, cloud-based information with such ease in the first place.
Twitter, based in San Francisco, has reportedly confirmed that a cybercriminal going by "Hacker Croll" accessed the Gmail accounts of Twitter co-founder Evan Williams' wife and a Twitter administrative employee a few weeks ago as well as in April. Hacker Croll also claims to have broken into personal accounts held by Twitter employees on Facebook, Amazon, AT&T, PayPal and MobileMe, as well as making off with Twitter.com's Web registrar account.
If the hacker's story is to be believed, some of those accounts were illegitimately accessed through "password recovery" mechanisms common to many online services -- much the same way that Sarah Palin's Yahoo e-mail account was hacked last year during the presidential campaign.
That raises serious questions about the security of cloud computing in business environments, particularly for Google, given the Mountain View, Calif.-based search giant's major marketing push in recent weeks for its cloud-based Google Apps suite of office products for the enterprise.
The cybercriminal has now reportedly passed along some of the stolen information to media and bloggers, including TechCrunch, which reports that it received an e-mailed file containing 310 supposed Twitter documents from Hacker Croll. TechCrunch has published at least one of the purported internal documents and founder Michael Arrington says the site will publish more.
