Twitter Source Code Leak Turns Into Hunt for the Perpetrator

Parts of Twitter’s proprietary source code were published online until last week, the company said in a California court filing Friday.

The code, which forms the basis for the web service’s various functions and internal tools, was posted on GitHub, the widely used code repository that’s now owned by Microsoft Corp. GitHub complied with Twitter’s request to remove the data under a copyright infringement claim and posted Twitter’s request online. The account responsible for the posting, named FreeSpeechEnthusiast, signed up on GitHub at the start of the year and appears to have only uploaded the Twitter cache.

Twitter is now seeking the identity of the user behind that account as well as the names and other information of all users who posted, downloaded or uploaded the data. The Elon Musk-owned social network is asking GitHub for their names, addresses, telephone numbers, emails, social media profiles and IP addresses of those parties. The company has also launched an internal investigation into the leak, according to a New York Times report citing unnamed people familiar with the matter.

GitHub declined to comment on its decision to remove the content and pointed to its publication of Twitter’s takedown request. Twitter didn’t specifically respond to an emailed request for comment about the data breach.

Exposing Twitter’s internal workings may make the service more vulnerable to hacking attempts.

The incident isn’t the first time a tech company has had its source code exposed. Last year, password management service LastPass disclosed that hackers had stolen source code and technical information. In December, source code associated with Uber Technologies Inc.’s mobile management platforms was reported to have been leaked as part of a hack.

The hacking group Lapsus$ has taken credit for several leaks including source code for Microsoft Corp.’s Bing search engine and its virtual assistant Cortana. In a breach disclosed in December 2020, suspected Russian hackers compromised popular software from Texas-based firm SolarWinds Corp., inserting malicious code into updates for SolarWinds software, an attack that also impacted Microsoft source code.

The FreeSpeechEnthusiast username chosen by the Twitter leaker appears designed to poke fun at Musk, who suggested he would bring free speech to the platform when he took over the company late last year.