Twitter revealed on Saturday that 130 accounts were targeted in the cryptocurrency scam in which many prominent users’ profiles were hacked. “For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets,” the company said in a blog post. For eight of those 45 accounts, the attackers also requested and downloaded the full account data archive, which includes direct messages. Twitter added that none of these eight accounts were verified, which rules out high-profile verified accounts such as those of Elon Musk, Joe Biden, Bill Gates, and Jeff Bezos.
Social engineering hack
Twitter confirmed that internal company tools were used in the hack. “The attackers successfully manipulated a small number of [Twitter] employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams,” the company said.
- No passwords stolen: While the internal tools allowed attackers to reset passwords, Twitter said that users’ existing passwords were not compromised. “Attackers were not able to view previous account passwords, as those are not stored in plain text or available through the tools used in the attack,” Twitter said. “In cases where an account was taken over by the attacker, they may have been able to view additional information. Our forensic investigation of these activities is still ongoing,” the company added.
“We’re embarrassed, we’re disappointed, and more than anything, we’re sorry,” Twitter said, adding that it would work with law enforcement to identify the attackers and bring them to justice.
Past Twitter hacks
- 2019: Per Wired, two Twitter employees had used the company’s internal tools to spy on users on behalf of the Saudi Arabian government.
- 2017: In a similar incident, Twitter’s internal tools were used by an employee to deactivate US President Donald Trump’s account; the account was restored within minutes.