Twitter has appointed Rinki Sethi, a former information security executive at IBM and Rubrik, as its new chief information security officer (CISO), platform lead Nick Tornow announced late on Monday. This announcement comes two months after the Great Twitter Crypto Hack of July 2020 and barely two months ahead of the US presidential elections where the role of social media cannot possibly be overstated.
It is not clear whom she has replaced because the last publicly listed CISO of Twitter, Mike Convertino, left the company in December 2019. We have reached out to Twitter for more information.
In the past, Sethi has been the vice president at Palo Alto Networks, a cybersecurity firm, and has led product security at Intuit, the fintech firm that created tax filling software TurboTax. She has also worked at eBay as a senior security manager and at Walmart as a security engineer, according to her LinkedIn profile.
Twitter’s repeated trysts with unruly employees
Sethi’s appointment comes a couple of months after 130 Twitter accounts of prominent individuals were targeted in a cryptocurrency scam where these accounts were used to solicit cryptocurrency from their followers. Victims of the hack included former US President Barack Obama, the richest people in the world including Jeff Bezos, Bill Gates and Elon Musk, official company accounts including that of Apple, among many others.
About two weeks after the hack, in August 2020, the US Department of Justice (DOJ) charged three people, including a minor, for the hack. Twitter’s investigations had revealed that internal company tools were used in the hack and that the hackers “manipulated” a few Twitter employees to gain their credentials.
This was not the only time that Twitter’s internal tools had been abused. In June 2018, the DOJ had charged two Twitter employees for abusing their system privileges to spy on behalf of Saudi Arabia. In November 2017, a Twitter contractor, on his last day, had deactivated US President Donald Trump’s account. The account was restored after 11 minutes.
Given these three very public incidents, especially the cryptocurrency hack, Twitter has been “strengthening the rigorous checks that team members with access [to the internal tools] must undergo”, according to its blog. It is also “improving” its detection and monitoring tools to detect suspicious use of its internal tools, and is shoring up training for all Twitter employees, especially those with access to non-public information.
To gear up for the US elections, Twitter has also been creating strategies to deal with hacks, data leaks, platform manipulation, foreign interference, and coordinated online voter suppression campaigns.
- Prominent Twitter accounts hacked using company’s own tool
- Twitter crypto scam: 130 accounts targeted, 45 hacked, data of 8 users downloaded
- US charges three people, including minor, for Twitter crypto scam