Twitter Hunts Down Ex-Employee Suspected of Leaking Source Code on GitHub

Background of the Leak

In a recent cybersecurity incident, Twitter discovered that a portion of its system's source code had been uploaded to GitHub. The tech giant swiftly issued a DMCA takedown request, which GitHub honored by shutting down the repository the same day.

However, Twitter believes the source code may have been exposed for some time, suggesting that other users might have downloaded the data. Twitter's management speculates that the individual behind the leak is a former employee who was let go in December last year, possibly with a connection to Elon Musk.

Legal Response and Information Disclosure

Following the removal of the data, Twitter initiated legal procedures, filing a court subpoena to obtain the identity of the uploader, who used the moniker "FreeSpeechEnthusiast." In addition, Twitter requested GitHub to provide information on users who accessed or downloaded the leaked source code.

The US District Court for the Northern District of California has approved Twitter's request, meaning that users who may have "casually" downloaded the data might have their personal information disclosed.

Details of the Subpoena

The subpoena granted by the court requires the disclosure of the following information:

For the original uploader, FreeSpeechEnthusiast: real name, address, phone number, email address, social media profiles, and IP address.
For other users: information on users who posted, uploaded, downloaded, or modified data in the repository, including their real names, addresses, phone numbers, email addresses, IP addresses, and social media profiles.

GitHub must disclose this information by April 3, 2023, according to the subpoena. Although GitHub has the option to challenge the subpoena in court by negotiating with the judge and Twitter, it remains unclear whether the platform will comply with the request or contest it through legal channels.