Several weeks after , the social media giant is continuing to reveal more information about the attack. Specifically, on July 31st, @TwitterSupport tweeted that of 130 twitter accounts that were targeted, hackers managed to access the direct message (DM) inbox of 36; seven of the accounts’ Twitter Data was downloaded.
“By obtaining employee credentials, they were able to target specific employees who had access to our account support tools,” the tweet explained, adding that hackers “targeted a small number of employees through a phone spear phishing attack” to gain access to the accounts.
By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts – Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
— Twitter Support (@TwitterSupport)
“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” the tweet said.
“We all got very lucky that whoever was behind the Twitter hack…was not a very good criminal.”
While the attackers did cause unsuspecting Bitcoin holders to collectively lose over $100,000, a number of analysts have agreed that the hack was essentially a slap on the wrist for Twitter’s security features (or, perhaps, lack thereof.)
Following the attack, NYT cybersecurity reporter Sheera Frenkel tweeted that “basically, we all got very lucky that whoever was behind the Twitter hack today was not a very good criminal.”
for some of the world’s most powerful public figures, and used it to make… roughly $300,000?”, she added.
At the same time, Tracy Alloway, a financial journalist at Bloomberg, invited readers of her Twitter account to “imagine taking all that time to hack into Twitter to run a Bitcoin scam when you could have wrought havoc in global financial markets by getting Biden to say he was dropping out, or get Warren Buffett to say he was liquidating, or Elon Musk to say he’s recalling the short shorts.”
Immediately following the attack, Twitter immediately locked a number of accounts and restricted features for many other users.
Currently, many of the accounts have been restored: however, Twitter warns users that “some features (namely, accessing the Your Twitter Data download feature) and processes have been impacted”.
Indeed, yesterday, @TwitterSupport posted an update that “we’ve significantly limited access to our internal tools and systems. Until we can safely resume normal operations, our response times to some support needs and reports will be slower. Thank you for your patience as we work through this.”
We’ve significantly limited access to our internal tools and systems. Until we can safely resume normal operations, our response times to some support needs and reports will be slower. Thank you for your patience as we work through this.
— Twitter Support (@TwitterSupport)
“We’ll continue to share updates and precautionary steps we take so that others can learn from this, too,” another of @TwitterSupport’s tweets said. “We recognize the trust you place in us, and are committing to earning it by continued open, honest and timely updates anytime an incident like this happens.”
Be First to Comment