Several high-profile Twitter accounts were hacked on Wednesday by attackers in a security breach. The hijacks took control of public figures and major corporations accounts, using them to spread a cryptocurrency scam.
Twitter responded to the attacks saying it was “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” said Twitter.
Twitter briefly suspended some account actions, including preventing verified users from tweeting, in bid to gain control of the platform and stop the hijacks.
We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.
— Twitter Support (@TwitterSupport) July 16, 2020
- 1 Microsoft 365 outage affects multiple services
- 2 Thailand takes first legal action against Facebook, Twitter over content
- 3 Did Esther Arunga ask Kenyans for forgiveness in tweet?
- 4 Factbox: Where do Trump and Biden stand on tech policy issues?
“You may be unable to Tweet or reset your password while we review and address this incident. … We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience,” read a tweet from the Twitter Support account.
The firm further locked accounts that were compromised and said they would restore access to the original account owner only when they were certain they could do so securely.
“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues,” said Twitter.
Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We're working to get things back to normal as quickly as possible. — Twitter Support (@TwitterSupport) July 16, 2020
"Tough day for us at Twitter. We all feel terrible this happened," Twitter chief executive Jack Dorsey tweeted.
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
???? to our teammates working hard to make this right. — jack (@jack) July 16, 2020
Some of the accounts targeted include those of billionaires Elon Musk, Jeff Bezos, Bill gates and Warren Buffett.
The official accounts of Barack Obama, Joe Biden, Mike Bloomberg, Kim Kardashian West, Wiz Khalifa, YouTuber MrBeast, Floyd Mayweather, and Kanye West were also affected.
Other compromised accounts include, Apple, Wendy’s, Uber, Hard Drive Magazine, and CashApp.
The hackers posted a cryptocurrency scam promoting the address of a bitcoin wallet with the claim that the amount of any payments made to the address would be doubled and sent back.
"Everyone is asking me to give back. You send $1,000, I send you back $2,000,” read a tweet from Bill Gates’ Twitter account.
All the compromised tweets have since been deleted.