Last week, Twitter sent GitHub a copyright infringement notice claiming some of the platform users leaked parts of their source code.
GitHub promptly took down the code. The leaked code had been public for at least several months. Twitter urged GitHub to reveal the user behind the source code leak.
Please preserve and provide copies of any related upload / download / access history (and any contact info, IP addresses, or other session info related to same), and any associated logs related to this repo or any forks thereof, before removing all the infringing content from Github.
Since the Twitter source code was publicly available for months, hackers will have an easy task when hunting for security vulnerabilities. If threat actors put their minds to it, they could extract user data or even take down the site.
Researchers suspect that the person who made the Twitter source code public on GitHub might be a disgruntled former employee.
Twitter began an investigation into the leak and executives handling the matter have surmised that whoever was responsible left the San Francisco-based company last year, two people briefed on the internal investigation said. Since Mr. Musk bought Twitter in October for $44 billion, about 75 percent of the company’s 7,500 employees have been laid off or resigned.
The incident happened just as Elon Musk announced they will make public the code by the end of March that Twitter uses to recommend tweets.
The goal of making the code available to the public was that it could be reviewed by anyone and tested for vulnerabilities. The whole move was meant to help Twitter’s code become more secure.