turbotodd 100000388Y Visits (2256)
I don't get out nearly enough these days.
That includes to TechCrunch.
But this AM, I found my way there and learned about what I think can only now be appropriately termed "Twittergate."
Leaked confidential documents. Virtual break-ins.
Quick, somebody call Bob Woodward.
We need him to take a secret meeting at an Internet and gaming cafe to meet with "Deep Tweet!"
To catch you up, TechCrunch was sent a whole bunch of confidential Twitter documents: executive meeting notes, partner agreements, financial projections, calendars and phone logs, notres from high-level prospective employees (many of whom didn't end up at Twitter and are still at their current jobs...)...
310 documents in all.
Arrington's latest post was mulling which, if any, of the documents should be made public (hey, news is news!).
The troubling part of the story is how a hacker named "Hacker Croll" was allegedly able to crack the Twitter account of founder Evan Williams and several Twitter employees, along with a number of other Web sites (Paypal, Amazaon, Gmail, etc.), and then later send those documents on to Arrington.
That part of the story is covered in another TechCrunch post.
If it's that easy to crack the passwords for several accounts of cloud services for the CEO of a major upstart technology service like Twitter, and then reveal strategic and highly sensitive HR documents...well, somebody just put a big dent in the ever-growing cloud, in my opinion.
It suggests to me that companies everywhere need to start coming up with guidelines on what company information employees should and should not be allowed to incorporate into public cloud services, no matter how good the security regime.
Just the other day, I got an email survey from our own IBM IT organization asking me whether or not I put confidential or highly personal information on my Blackberry outside of the encrypted email.
I don't...well, mostly.
Of course, what seems personal that has not been publicly revealed is likely very different than that which ends up on the front page of the New York Times...or TechCrunch.
Arrington is right...the Twitter story is news...but it didn't have to be.
So here's a requisite and shameless plug for IBM's Consulting Security Services.
Just in case you'd like to play a little offense.