Twitter Says Parts of Its Source Code Were Leaked Online

The executives were only recently made aware of the source code leak, the people briefed on the internal investigation said. One concern is that the code includes security vulnerabilities that could give hackers or other motivated parties the means to extract user data or take down the site, they said.

The exposed source code adds to the challenges facing Mr. Musk’s Twitter. Technology companies often view such code as a closely held secret and do not share it for fear that it could give competitors an unfair advantage or reveal security vulnerabilities.

But even as tech companies strive to protect their code bases, they have become ripe targets for opportunists, hackers and others. Last year, a hacking group successfully stole source code from Microsoft and other major companies. And in 2020, Anthony Levandowski, a star engineer of self-driving cars, was sentenced to 18 months in prison for stealing code from Google as he prepared to start a new job. (Mr. Levandowski was later pardoned by then-President Donald J. Trump.)

The public posting of Twitter’s code is “concerning,” said Brett Callow, a threat analyst at Emsisoft, a cybersecurity software company. “It does make it a little bit easier and speedier to probe for vulnerabilities.”

For Twitter, the leak also comes on top of mounting structural and financial challenges. Mr. Musk has been trying to turn around the social network over the past few months by slashing costs, trying out new features and welcoming back previously banned users. But outages of the service have increased, while advertisers — the main source of revenue for the company — have been skittish about running ads on the site.

Article source: https://www.nytimes.com/2023/03/26/technology/twitter-source-code-leak.html