Twitter Confirms DMs Were Accessed in Last Week’s Major Hack
Twitter has revealed more information about the major hack involving a Bitcoin scam that targeted dozens of high-profile accounts on its service on Wednesday, July 15.
The company said in a tweet on Wednesday, July 22, that following a complete review of all of the impacted Twitter accounts, it believes that “for up to 36 of the 130 targeted accounts, the attackers accessed the DM [direct message] inbox, including 1 elected official in the Netherlands.” Twitter did not name the elected official.
Although it declined to offer specific information on the other 35 accounts whose DMs were possibly accessed, it added that so far there’s no evidence to suggest the hackers accessed the DMs of any other former or current elected official. In other words, Barack Obama and Joe Biden — if they use the DM function — can breathe a sigh of relief.
We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed.
— Twitter Support (@TwitterSupport) July 22, 2020
As for the likes of Bill Gates, Elon Musk, Jeff Bezos, and Kanye West, who were among some of the other high-profile individuals targeted in the hack, it appears at this stage that their messages could have been accessed.
The scam involved a fake tweet encouraging followers to send payments to a Bitcoin wallet. The ruse had some success, too, as data on Blockchain.com revealed that more than $115,000 via 392 transactions was sent to the Bitcoin wallet posted in the messages.
As soon as Twitter spotted the attack last week, it locked down the affected accounts and removed the fake tweets. The company said it had been the victim of “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
Later on Wednesday, Twitter also repeated some of the findings it uncovered last week, saying the perpetrators downloaded data from eight accounts via its “Your Twitter Data” tool, adding that none of these included verified accounts.
????130 total accounts targeted by attackers
????45 accounts had Tweets sent by attackers
????36 accounts had the DM inbox accessed
????8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified
— Twitter Support (@TwitterSupport) July 23, 2020
Twitter said it’s continuing to communicate directly with the account holders that were impacted by the hack. The FBI is also investigating the incident.
Digital Trends has asked Twitter if it can offer any additional information at this stage and we will update this article when we hear back.