The Twitter hack isn’t really a hack at all

OPINION Have 32 million Twitter accounts been hacked and the passwords put up for sale on the dark web? James Laird says nobody knows and nobody cares – because it doesn’t actually matter. ^{Header image credit}

Reports that a Russian hacker may have compromised millions of Twitter users are making the rounds, the latest in a string of tedious and often tenuous online security news.

MySpace, Mark Zuckerberg, TeamViewer, and Drake are just some of the sites and celebs to have been digitally violated within pissing distance of today. Every time you fire up your computer, someone or something else has been hacked, to the point that you have to ask – does it actually matter?

The answer is no.

Most of us are guilty of lax security practices, whether it’s reusing the same phrase to protect multiple accounts, or just composing dumb passwords in the first place.

LeakedSource, which says it can verify the Twitter breach, notes that the most hacked passwords included gems such as ‘123456’, ‘qwerty’ and ‘password’. Woo. If you’re using such a shitty password, you probably don’t care if you’re hacked, have nothing really worth protecting (or hacking), or both.

Of course, some people, particularly high-profile figures, are at greater risk if their online personas are hijacked. The mess will always be cleaned up but it’s still a PR nightmare trying to explain why your CEO suddenly started tweeting their support for Britain First.

There are legitimate personal concerns, too, if things like email or cloud storage are broken into, though these (usually) tend to be more robustly protected, both by end user and company.

But as someone who has – according to multiple libraries – apparently been hacked, I can safely say that 99.9% of the time it’s inconsequential bluster, albeit bluster that consistently manages to generate Another Sensationalist Headline.

Indeed, the so-called Twitter hack may or may not have actually happened. At the very least, it’s probably not what it first seems.

“They may well be old leaks if they’re consistent with the other big ones we’ve seen and simply haven’t seen the light of day yet. Incidentally, the account takeovers we’ve seen to date are almost certainly as a result of credential reuse across other data breaches,” Troy Hunt, a security researched and owner of hack database have i been pwned?, explained to TechCrunch.

In other words, this ‘new’ hack is probably staler than a Christmas cake in July.

Related: Best password apps

What would have actually been worrying is if Twitter itself was compromised. But that didn’t happen.

https://twitter.com/statuses/ 740762909144428544

The hacking threat circa 2016 has evolved, as any number of suits sitting in any number of sterile conference centres will tell you. The cybersec stakes may be higher than ever, but at a macro not micro level.

Iran’s nuclear facilities? Worth hacking. My sad ass food blog? Not really.

For most of us, news of a new hack is swiftly followed by: “So what?” Let’s not forget the Drake ‘hacker’ used his new-found mass following to pimp his Snapchat channel, and the principle fallout from the Zuckerberg hack was that Zuckerberg looked like a bit of a tit.

Hardly earth-shattering consequences.

Dear World, Twitter may or may not have been hacked. Like me, I suspect you’re more concerned by what’s for lunch.

Agree? Disagree? Let us know in the comments below.