Parts of Twitter’s source code have been leaked online, according to a legal filing with the U.S. District Court of the Northern District of California.
First reported by the New York Times, the contents of Twitter’s source code — the all-important software that powers the platform and makes it work — showed up on GitHub, an internet hosting service for software development.
When it learned on Friday that its source code was on GitHub, Twitter sent it a copyright infringement notice that demanded the code’s immediate removal.
GitHub complied with the removal request, but the Times suggests the code may have already been exposed on the site for “at least several months.”
Twitter is also trying to get the court to order GitHub to reveal the identity of the person who leaked the source code, along with the names of anyone who may have downloaded it.
The fear is that the code could reveal vulnerabilities in the platform, making it easier for hackers to exploit those weaknesses for nefarious purposes. Outcomes could include the site being knocked offline or user being data stolen and sold.
Citing two individuals with knowledge of the matter, the Times said that Twitter executives believe that whoever leaked the code likely departed the company last year as part of sweeping cuts made by the new owner, Elon Musk, who acquired the platform in October 2022 in a deal worth $44 billion.
Considering the upheaval Twitter has undergone in recent months, the incident suggests a disgruntled former employee may have been involved in the potentially damaging transgression.
Due to its huge importance, source code is a prime target for hackers. Despite companies’ best efforts to protect it, there have been plenty of incidents where perpetrators have managed to nab the precious code. Microsoft, Samsung, and LastPass, to name just a few, have all seen source code taken by hackers in just the last year or so.
But in Twitter’s case, parts of its source code were simply uploaded to the web, making it easy for anyone to access.
Twitter, and its community of more than 230 million daily active users globally, will now be watching and waiting to see if the incident leads to any major trouble for the social media platform.