Twitter Theft: It's Really All About Google

Jul. 15, 2009 7:39 AM ETGOOG, MSFT, TWTR13 Comments
Michael Eisenberg profile picture
Michael Eisenberg

Lost in the brouhaha Michael Arrington stirred up on Techcrunch about the ethics of posting to Techcrunch the documents stolen by a hacker from Twitter, is a most important nugget that Arrington brings out in the comments:

Michael Arrington (@arrington) - July 14th, 2009 at 11:22 pm PDT

the original security hole seems to be Google, via Google Apps for your Domain. Some passwords were guessed and things started to fall apart from there. Most (or all) of these documents were downloaded from Google’s servers.

A hacker breaks into Google's Apps for your domain and while Twitter thought they were secure and they had outsourced their security to Google, in reality they were exposed.

The bottom line is that many startups and an increasing number of large companies are using Google Apps for critical company documents. Most of them think that they are living securely. They are not. This happens in the evolution of the software industry. Microsoft was impacted by viruses, and their software is notoriously buggy and often not secure on release. This is a risk for Google going forward and an interesting nod that cloud security companies are needed.

One last word: As you move your company to cloud apps, it would be wise of these companies to check into security procedures and see if they can augment their security in some way. Additionally, document storage policies need to be examined on an ongoing basis.

Update: I received this note from Andrew Covacs at Google's corporate communications group.

Great, thanks for the reply. Have you seen Biz's post here?

He clarifies:
This attack had nothing to do with any vulnerability in Google Apps which we continue to use....This isn't about any flaw in web apps, it speaks to the importance of following good personal

This article was written by

Michael Eisenberg profile picture
Michael Eisenberg is a venture capitalist with Aleph. I am also a partners Benchmark Capital, while blogging at Six Kids and a Full Time Job ( and at He adds a perspective -- often on Internet stocks -- from an earlier-stage professional investor. Disclosure: Benchmark Capital is an investor in Seeking Alpha

Recommended For You

Comments (13)

To ensure this doesn’t happen in the future, please enable Javascript and cookies in your browser.
Is this happening to you frequently? Please report it on our feedback forum.
If you have an ad-blocker enabled you may be blocked from proceeding. Please disable your ad-blocker and refresh.