Twitter Inc. is attempting to identify the person who leaked parts of its proprietary source code after it was discovered to have been shared on GitHub for at least three months.

The news that the source code had been leaked came after Twitter filed a Digital Millennium Copyright Act notice with GitHub on Friday, demanding that the source code be taken down. Twitter also requested that GitHub provide the code submitter’s “upload/download/access history,” contact information, IP addresses, session information and “associated logs related to this repo or any forks.”

The New York Times, which first broke the story at the weekend, noted that Twitter has also asked the U.S. District Court for the Northern District of California to order GitHub to identify the person who shared the code and any others who downloaded it.

Twitter is also reported to have begun an internal investigation into the leaks, with executives believing whoever was responsible left the company last year. Given how long the source code is believed to have resided on GitHub, that puts the timing at around or just after “Chief Twit” Elon Musk (pictured) was laying off staff and telling the remaining staff to work harder. The latter resulted in even more staff leaving the company.

A disgruntled former employee is a likely candidate and a personal dislike of Musk is a possible motivating factor. The account on GitHub that leaked the source code went by the name of “FreeSpeechEnthusiast,” an apparent personal jab at Musk, who has positioned himself at times as a champion of free speech.

Although a former employee is the most likely source of the leak, it’s not impossible that it could have come from other quarters. Twitter has suffered issues with security in the past, including hundreds of millions of user records being offered online.

“Leaked source code from Twitter could be the result of former upset employees, people who don’t really like Elon Musk or even nation-states wanting to find holes and a way in to utilize the platform for their benefit,” David Lindner, chief information security officer at application security software provider Contrast Security Inc., told SiliconANGLE. “It’s interesting that Twitter’s first thoughts were to issue the copyright infringement notice to GitHub. I would have immediately hired an outside forensics firm to make sure the malicious actor was not still in Twitter’s environments. In fact, in a lot of these cases nefarious actors use ‘leaks’ like this as a diversion for a more damaging attack. It will be interesting to see how Twitter handles the transparency of their findings.”

Photo: Thomas Hawk/Flickr