DMs of 36 high-profile Twitter accounts accessed in breach

Posted:
in General Discussion edited July 2020
Twitter on Wednesday revealed hackers accessed the direct message inboxes of 36 high-profile accounts in an unprecedented security breach last week.


The microblogging service in a tweet said it believes DM inboxes of "up to 36" accounts were accessed, including one belonging to an unnamed elected official in the Netherlands. It was the first time a former or current elected official's DMs were accessed in a hack, the company said.

Twitter has not disclosed which accounts were impacted in the incident, nor has the company said whose DM inboxes were infiltrated. Account holders affected by the breach have been contacted.

In total, 130 accounts were targeted in the July 15 attack, a scam campaign designed to dupe users into handing over bitcoin. Followers of Apple, Elon Musk, Jeff Bezos and others ultimately handed over more than $100,000 to the as-yet-unidentified hacker or hackers. For Apple, the scam post will go down as its first and so far only tweet.

DM inbox access was a lingering question in the wake of last week's security snafu. Successful penetration of the messaging subsystem would not only grant hackers access to chat histories, but also the ability to directly communicate with a user's contacts under false pretenses.

As noted by previous reports and Twitter, a social engineering attack was employed to garner employee credentials, which were then used to access internal administration tools. With admin panel privileges the hackers were able to bypass two-factor authentication protections to change email and password credentials, granting full control over multiple accounts.

Twitter continues to investigate the security breach and has instituted new safeguards in a bid to thwart future attempts.

Comments

  • Reply 1 of 4
    EsquireCats Posts: 1,211 member
    While this is a rare security lapse, it underlines the importance of governments using official channels to make announcements. We can't have officials only using Twitter to make announcements. Without exaggeration, the risks are too great.
  • Reply 2 of 4
    dysamoria Posts: 3,430 member
    So, will there be some dump of “secrets” soon and a new batch of scandals as a result?
  • Reply 3 of 4
    SpamSandwich Posts: 33,407 member
    Many people have moved onto apps like Parler because of the targeted suppression of opposing views on Twitter. Time for a mass exodus now.
  • Reply 4 of 4
    chasm Posts: 2,404 member
    Many people have moved onto apps like Parler because of the targeted suppression of opposing views on Twitter. Time for a mass exodus now.
    Your fingers slipped and forgot to type in the "fantasy of" targeted suppression. To date, there has been zero actual evidence of anyone of any political background not being able to post a tweet. That tweet may later be deleted or hidden if it violates Twitter's ToS -- for example being fact-free, libelous, or promoting violence -- but those rules are equally applied to users of varying political viewpoints. Some people need to become more familiar with facts and evidence, but that's not "suppression," ya big snowflake.

    But please don't let my reality check stop you from departing all the "suppressing" outlets for your made-up "views." I welcome your absence on Twitter and other platforms that normal people read.