Celeb twitter hack company calls Computer Misuse Act ‘outdated’

29 December 2018

The chief executive of Insinia Security - which demonstrated a security flaw in Twitter by hijacking the accounts of Eamonn Holmes and Louis Theroux - has denied breaking the law and called the Computer Misuse Act not “fit for purpose”. Theroux and Holmes were among celebrities and journalists who tweeted messages on Thursday stating their accounts had been "temporarily hijacked by Insinia Security".

Mike Godfrey, who runs Insinia Security, explained to Sky News that the accounts had been hijacked to demonstrate how Twitter allows anyone who knows your phone number to tweet from your account. The bug had been known about for six years, but Insinia acted to raise awareness of it because Twitter seemed unwilling to address the issue. Asked if he was concerned about being in breach of the CMA, Mr Godfrey said: "I wouldn't say I'm concerned about it." He added that he thought the law "wasn't fit for purpose".