Published 03:41 IST, July 19th 2020
Twitter reveals scammers downloaded private data and messages of hacked verified accounts
While Twitter declined to disclose identity of accounts, it said, “personal information” was comprised and hackers were able to access emails and other data.
Advertisement
In a statement issued online, Twitter has revealed that attackers downloed data and private direct messs of at least eight high-profile accounts involved in bitcoin breach. Or sensitive information such as phone numbers, photos, and physical location history was also stolen.
Twitter’s statement comes after microblogging site witnessed one of world’s largest Bitcoin scams as accounts of Barack Obama, Elon Musk, Bill Gates, Joe Biden, Kanye West, Kim Kardashian, Apple, Uber and many or were hacked.
Advertisement
While Twitter declined to disclose identity of accounts in specific for which “personal information” was comprised, it said that hackers were able to gain access to email dresses and or data using a tool that archived private messs.
Advertisement
Cybersecurity experts have raised questions on Twitter DMs that aren't end-to-end encrypted, which could have averted hack of direct messs.
"In cases where an account was taken over by attacker, y may have been able to view ditional information," Twitter said in a blog post. "Our forensic investigation of se activities is still ongoing," it ded.
Of 130 accounts in totality that were targetted by attackers, Twitter said that password for at least 45 accounts were reset, while hackers also tried to “sell’ some of usernames.
Advertisement
Accessed internal support teams' tools
As recent bitcoin spam hack of high-profile verified accounts highlights Twitter’s security vulnerabilities, company revealed that attackers bypassed two-factor auntication on targetted accounts after y "successfully manipulated a small number of employees and used ir credentials to access Twitter's internal systems."
Advertisement
Furr, company mitted that hackers used internal employees' “credentials to access Twitter's internal systems, including getting through our two-factor protections. As of w, we kw that y accessed tools only available to our internal support teams.”
"Everyone is asking me to give back, and w is time," deleted bitcoin scam tweet from Gates’ and or hacked accounts said, pledging to double all payments to a Bitcoin dress for next 30 minutes.
Advertisement
03:41 IST, July 19th 2020