Report: 2015 Twitter breach targeted Saudi dissidents, led to arrests

Saudi Arabia's Crown Prince Mohammed bin Salman.
Enlarge / Saudi Arabia’s Crown Prince Mohammed bin Salman.
Alexander Zemlianichenko / POOL / AFP) (Photo by ALEXANDER ZEMLIANICHENKO/POOL/AFP via Getty Images

The sister of a Saudi dissident has told Bloomberg that a 2015 breach by two Twitter employees enabled the Saudi government to unmask several anonymous Twitter accounts whose tweets criticized the regime. The US federal government criminally charged the two rogue employees last November.

Abdulrahman al-Sadhan is a US-educated Saudi man who worked for the Red Crescent Movement—the Muslim world’s counterpart to the Red Cross. He also secretly ran a popular pseudonymous Twitter account with thousands of followers. The account criticized the Saudi government.

“It is clear this was a targeted attack on purpose on activists and critics on Twitter,” said Areej al-Sadhan, Abdulrahman’s sister. “My brother, unfortunately, is one of those who was targeted.

According to Bloomberg, al-Sadhan was working in his office in Riyadh in 2018 when Saudi Arabia’s secret police took him into custody. His family hasn’t seen him since. They feared he was dead for almost two years until he was allowed to make a phone call in February.

The rogue Twitter employees allegedly accessed confidential information on at least 6,000 Twitter accounts on behalf of the Saudi government. Human rights advocates believe the hacks enabled the Saudi authorities to arrest at least five people who ran pseudonymous Twitter accounts critical of the regime.

“Saudi Arabia is spending millions of dollars on digital espionage and hacking the accounts of human rights defenders, critics, and opponents,” said Gamal Eid, executive director of the Egypt-based Arabic Network for Human Rights Information.

The Saudi government has long warned Saudis against trying to use anonymity as a shield when they criticize the government, as Bloomberg explains:

In August 2017, one of Saudi Crown Prince Mohammed Bin Salman’s then-closest advisers, Saud al-Qahtani, issued a warning through his own verified Twitter account against anonymous Twitter accounts: “Does a pseudonym protect you from the #blacklist?” al-Qahtani wrote. “No.”

Al-Qahtani explained that governments could find out the real identities of people using Twitter anonymously. He mentioned “technical ways” of tracing people’s IP addresses, as well as a “secret I’m not going to say.”

Al-Qahtani has since been suspended from Twitter; he lost his government post in the wake of the 2018 murder of journalist Jamal Khashoggi.

The Saudis have been accused of targeting people outside of Saudi Arabia as well. Dissidents in the US and Canada have sued Twitter over the 2015 breach, arguing that they should have been warned about the Saudis targeting their accounts. In an unrelated incident last year, Amazon CEO Jeff Bezos accused the Saudi government of hacking into his phone and obtaining racy photos that wound up in the hands of the National Enquirer.

https://arstechnica.com/?p=1699984