Twitter hackers accessed DMs of dozens of high-profile accounts
What's the story
Last week's massive Twitter hack left more than 100 high-profile accounts, including those of business magnates like Jeff Bezos, Bill Gates, and Elon Musk, compromised. Now, revealing more about that unprecedented breach of security, Twitter has admitted that the hijackers were able to access direct messages for dozens of these accounts in the attack. Here is all you need to know about it.
Attack
First, a quick reminder on what happened
On July 15, the Twitter accounts of several notable personalities "shared" a Bitcoin scheme to double up the money of their followers. Subsequently, the service confirmed that these accounts were taken over by fraudsters who carried out a massive coordinated hack to promote a Bitcoin scam aimed at luring people into giving away their money.
Action
Accounts were locked, functionalities were disabled
In a matter of minutes, Twitter locked the compromised accounts and disabled the functions to tweet or change passwords to prevent the scam from growing bigger, affecting more accounts. Hours later, the company acknowledged that the hack was carried out from its backend as the scammers were able to social-engineer a "small number of employees" and use their credentials to access Twitter's internal systems.
Details
130 accounts targeted, 45 taken over
An investigation carried out by Twitter showed that the attackers targeted as many as 130 accounts through its internal tools and took over some 45 of them by initiating a password reset and then logging-in. It noted that the attackers were not able to see the passwords for all targeted accounts, but they did get access to personal information like emails/numbers through the tools.
DM access
DMs accessed for dozens of accounts
More worryingly, in its recent update, Twitter claimed that 36 of the affected accounts had their direct messages opened by the hackers. The company did not say who these accounts belonged to, but it admitted that one of these was of an elected official in the Netherlands - Geert Wilders. No other elected official had their DMs compromised, Twitter has emphasized.
Downloaded data
Data downloaded for eight non-verified accounts
In addition to this, Twitter said hackers downloaded activity data of up to eight accounts through its 'Your Twitter Data' tool. It is not clear if they were a part of the 36 accounts that had their DMs directly accessed, but the microblogging service claimed that none of them were verified. For all affected accounts, the company said it would communicate with the owners.
Twitter Post
Here is Twitter's overview of the findings
To recap:
— Twitter Support (@TwitterSupport) July 23, 2020
🔹130 total accounts targeted by attackers
🔹45 accounts had Tweets sent by attackers
🔹36 accounts had the DM inbox accessed
🔹8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified
Additional work
Additional work in progress
The Jack Dorsey-led company notes in a blog post that it will continue to investigate the incident and cooperate with relevant authorities while trying to boost its security to prevent such incidents in the future. It also plans to start "additional company-wide training to guard against social engineering tactics to supplement the training employees receive during onboarding and ongoing phishing exercises throughout the year."