Twitter security breach led to arrests of Saudi dissidents: Report
A security breach at Twitter five years ago led to data being used by Saudi Arabia to arrest people critical of Riyadh, Bloomberg News reported on Wednesday, citing lawsuits, human rights groups and a relative of a person apprehended in 2018.
Middle East Eye reported last year that Saudi activists feared they were among thousands whose data was thought to have been stolen by Riyadh's network of spies.
In 2015, two Twitter employees - Ali Alzabarah and Ahmad Abouammo - were accused of accessing and passing the details of more than 6,000 users to a Saudi official with close ties to the royal family.
Bloomberg has now reported that the forced disappearance and detention of a Saudi aid worker in 2018 came about through the activities of the alleged Twitter spies.
Abdulrahman al-Sadhan disappeared in March 2018 after he was arrested at the Red Crescent offices in Riyadh where he worked, according to his sister, Areej.
Sadhan, 36, ran an anonymous Twitter account with which he regularly commented on human rights and social justice issues in Saudi Arabia. According to Areej, the account had amassed thousands of followers.
"It is clear this was a targeted attack on purpose on activists and critics on Twitter," she told Bloomberg.
"My brother, unfortunately, is one of those who was targeted. Now we are seriously concerned about his well being and health, given the awful history of human rights abuses in Saudi Arabia."
Six Saudis arrested in ties to Twitter hack
In addition to Sadhan, human rights organisations said they had identified six Saudi citizens who had been arrested in connection with anonymous Twitter accounts they ran.
In at least five instances, the timing of the arrests and the Twitter breach indicated they were likely connected, according to Gamal Eid, executive director of the Arabic Network for Human Rights Information.
Three of the five Saudis who have been arrested since 2015 used the Twitter names @sama7ti, @coluche_ar, and @mahwe13, according to ANHRI. A sixth case was identified by the human rights group Prisoners of Conscience, who alleged a Saudi man with a Twitter account under the name @albna5y had been arrested in September 2017.
"I think all of them were arrested as a result of the Twitter hack," Eid said.
"Saudi Arabia is spending millions of dollars on digital espionage and hacking the accounts of human rights defenders, critics and opponents."
Another Saudi man reported to have run an anonymous Twitter account was arrested around the same time as Sadhan, according to rights activist Iyad al-Baghdadi.
That individual, Turki Bin Abdul Aziz al-Jasser, had been connected by human rights groups to @coluche_ar, one of the accounts that ANHRI had cited as being among those accessed by the Twitter breach.
Ines Osman, director of the MENA Rights Group, said Saudi authorities informed the United Nations that Jasser was being held at the Al Ha'ir prison near Riyadh.
"We believe he is still alive," said Osman.
In August 2017, Saud al-Qahtani, the crown prince's former top adviser, started what he called the "Black List" hashtag, which was used to target critics of the government. He also tweeted that the government had ways to find anonymous Twitter users.
In 2015, the FBI notified Twitter that at least one of its employees was spying for Saudi Arabia, according to sources with knowledge of the investigation that followed.
According to a Twitter spokesperson, once the company learned of the alleged breach by the two employees, it "cooperated with federal authorities and took immediate action to notify and protect affected individuals".
Following the charges against its former employees last year, Twitter said it had made changes to its internal systems, employee training and security policies.
Yet despite the breach, Twitter's CEO Jack Dorsey met with Saudi Crown Prince Mohammed bin Salman six months later and reportedly discussed how the two could cooperate to "train and qualify Saudi cadres".