Twitter has come up with an update on the recent hacking of accounts of prominent personalities including former US President Barack Obama, Joe Biden, billionaires Elon Musk, Jeff Bezos and Bill Gates were hacked.
Twitter has said in a statement, ” We believe attackers targeted certain Twitter employees through a social engineering scheme. The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets. In addition, we believe they may have attempted to sell some of the usernames.”
Twitter has also revealed what information was accessed by hackers from the 130 accounts they broke into.
1. Attackers were not able to view previous account passwords
2.Attackers were able to view personal information including email addresses and phone numbers
3. In cases where an account was taken over by the attacker, they may have been able to view additional information. Our forensic investigation of these activities is still ongoing.
In a public apology Twitter has said, ” We’re embarrassed, we’re disappointed, and more than anything, we’re sorry. We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice.”
Twitter has taken remedial action since the incident was reported on July 15, 2020 including restoring access for all accounts owners. Twitter is now working on strengthening their security architecture and are training employees to guard against social engineering tactics. Twitter says it will continue its forensic investigation into the hack and work with law enforcement agencies.
In the July 15 incident, the scamsters had posted tweets on behalf of leading personalities and stated a Bitcoin wallet address with the promise of sending back double the amount of BTC if a user sends a certain amount to the designated wallet. These tweets, essentially fake, offered to send $2,000 for every $1,000 sent to a specified bitcoin address.
