Twitter Says 130 Accounts Targeted in Hack, Status of DMs Unclear

Twitter has said it believes at least 130 user accounts were targeted by hackers as part of an unprecedented bitcoin heist this week.

The social network's security team is continuing to analyze the scope of a cyberattack that is believed to have exploited an internal system, accessed through a "coordinated social engineering attack," to spread a rudimentary cryptocurrency scam.

High-profile victims included Elon Musk, Bill Gates, Kanye West, Kim Kardashian, Joe Biden, Barack Obama, Michael Bloomberg, Warren Buffett, and Apple, among others.

There is still much that remains unknown about the incident, including the attackers' real identities and how much access they had over the compromised accounts. Experts told Newsweek yesterday that it's highly likely direct messages were exposed.

Now Twitter has shared some additional snippets of information about the brazen hack, confirming that a preliminary probe suggests the attackers were able to "gain control" of a small subset of the 130 targeted accounts, using the access to send tweets.

We’re working with impacted account owners and will continue to do so over the next several days. We are continuing to assess whether non-public data related to these accounts was compromised, and will provide updates if we determine that occurred.

— Twitter Support (@TwitterSupport) July 17, 2020

So far, the Jack Dorsey-led social network has remained quiet about the potential risk to non-public data like messages sent or received via the impacted profiles.

Twitter has said its assessment is ongoing and that it is "working with impacted account owners" over the next several days to uncover the scope of the breach.

It said: "We are continuing to assess whether non-public data related to these accounts was compromised, and will provide updates if we determine that occurred."

"For all accounts, downloading your Twitter data is still disabled while we continue this investigation. We have also been taking aggressive steps to secure our systems while our investigations are ongoing. We're still in the process of assessing longer-term steps that we may take and will share more details as soon as we can," Twitter added.

While technical details are murky, it's believed the attackers were able to change emails or credentials on targeted accounts, letting them bypass security measures. Twitter said this week, however, there was nothing to suggest passwords were accessed.

As politicians demand answers and accountability from Dorsey, the FBI confirmed this week that it is now tasked with investigating the incident.

"At this time, the accounts appear to have been compromised in order to perpetuate cryptocurrency fraud. We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident. As this investigation is ongoing, we will not be making further comment at this time," the agency said Thursday.

It is believed that the Twitter account of President Donald Trump was not infiltrated this week because it had been given an extra layer of protection following prior security incidents, including one in 2017 that saw his profile deleted, The New York Times reported.

Yesterday, in the wake of the security incident, some users appeared to be suffering from lingering service issues, including being locked out of their accounts.

Twitter said it was working to restore full functionality, but noted some users may have been proactively locked out as part of its ongoing investigation into the hack.

"We took the step to lock any accounts that had attempted to change the account's password during the past 30 days," it explained in a thread. "This does not necessarily mean we have evidence that the account was compromised or accessed."

Twitter chief executive officer Jack Dorsey looks on during a Senate Intelligence Committee hearing concerning foreign influence operations' use of social media platforms, on Capitol Hill, September 5, 2018 in Washington, DC. Drew Angerer/Getty