Washington D.C. [USA]: Twitter has revealed that hackers may indeed have downloaded the private direct messages of up to eight individuals while conducting their Bitcoin scam, and were able to see “personal information” including phone numbers and email addresses from each account, in one of the biggest security lapses in the company’s history this week.
The social media giant, on late Friday night (local time), said in a blog post that hackers had downloaded the data using a tool that includes an archive of private messages. As per CNN reports, the company said these eight accounts were not verified accounts.
The staggering hack compromised accounts belonging to VIPs ranging from former President Barack Obama and presumptive Democratic presidential nominee Joe Biden to billionaire businessmen Elon Musk and Jeff Bezos.
Twitter said 130 accounts had been targetted by the attackers. Of those, 45 accounts were successfully breached.
The company also said that several of its employees had been targeted by hackers to gain access to internal systems.
“The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams,” the company said.
Members of US Congress, cybersecurity experts and Twitter itself have been searching for answers about how the hack happened.
Images circulating online purporting to show a screenshot of an internal Twitter control system connected to the hack are being looked at by federal investigators, law enforcement sources informed CNN.
The tool appeared to include the ability to change the email address associated with a Twitter account, which could potentially allow a Twitter account to be taken over.
Twitter has removed tweets with the images from its platform, according to people who have posted them. A Twitter spokesperson told CNN Friday it was removing images that included personal or private information.
The company has been in touch with the Federal Bureau of Investigation (FBI), the spokesperson added.