Following the unauthorized access of my personal Twitter and LinkedIn accounts at around 8:30pm UTC Wednesday, I regained control of both accounts within about three hours. Immediately, I enlisted the support of a private cybersecurity firm to secure all of my accounts, which has found no indication at all of any confidential or financial data being compromised.
Most importantly, I can say that no Dash-related accounts or systems were compromised. The compromise occurred due to a failure of a trusted third party to follow their own security protocols when the attacker used social engineering to impersonate me and was permitted to reset passwords. This incident is a reminder to all of us to ensure and encourage our trusted third party providers to properly adhere to security controls and to thoroughly verify user identities before releasing personal data or account access.
Ryan
Most importantly, I can say that no Dash-related accounts or systems were compromised. The compromise occurred due to a failure of a trusted third party to follow their own security protocols when the attacker used social engineering to impersonate me and was permitted to reset passwords. This incident is a reminder to all of us to ensure and encourage our trusted third party providers to properly adhere to security controls and to thoroughly verify user identities before releasing personal data or account access.
Ryan