Twitter says 130 accounts targeted, 45 compromised in security breach
What you need to know
- Twitter has published an update on a major security breach earlier this week.
- It says 130 accounts were targeted, and 45 were compromised.
- Eight non-verified accounts had all of their data, including DMs downloaded.
Twitter has confirmed that 130 accounts were targeted and 45 were compromised in a security breach earlier this week.
In a blog post the company stated:
Twitter says that attackers targeted "certain Twitter employees through a social engineering scheme", in the context, "the intentional manipulation of people into performing certain actions and divulging confidential information." A recent Motherboard report claims hackers simply paid off a Twitter insider to do their work for them.
Twitter says "a small number of employees" were successfully manipulated, and their credentials used to gain access to internal systems, bypassing 2FA protections.
It says 130 accounts were targeted. 45 of those had their passwords reset, and the attackers were able to login to those accounts and send rogue tweets. Tweets sent from accounts like Apple, Barack Obama, Bill Gates, and more asked users to send Bitcoin to an address with the promise it would be doubled. Twitter also believes the attackers may have attempted to sell the usernames of compromised accounts.
More disturbingly, Twitter says the information of eight accounts was downloaded through 'Your Twitter Data':
This includes account history, apps and devices, activity, interests and ad data, contacts, Tweet history, apps with access to your Twitter, muted and blocked accounts, profile info, Direct Messages, media, and more.
Get the top Black Friday deals right in your inbox: Sign up now!
Receive the hottest deals and product recommendations alongside the biggest tech news from the Android Central team straight to your inbox!
Twitter says it is continuing to investigate the attack alongside law enforcement. Twitter reiterates that the vast majority of Twitter users were not affected by the incident. Of the 130 that were, attackers were not able to view previous passwords but were able to see personal information including email addresses and phone numbers. Of the 45 accounts taken over, the damage is unclear but certainly worse.
Twitter says it is also working to restore access to account owners still locked out since the breach, mainly users who have reset their passwords in the last 30 days.
Twitter said it was "acutely aware of our responsibilities to the people" who use its service, adding that it was "embarrassed", "disappointed", and "more than anything, we're sorry."