Twitter said several of its employees were manipulated by hackers into providing credentials for internal systems, and 130 Twitter accounts were targeted including those of Joe Biden, Elon Musk and Jeff Bezos.
The hackers were able to reset passwords for 45 users, while eight had their data, including private messages, downloaded entirely, Twitter said in a blog post late on Friday. While the hack targeted high-profile users such as Barack Obama and Warren Buffett, Twitter later clarified that data wasn’t downloaded from any verified accounts, without providing identities.
The hackers may have also tried to sell the usernames of some of the accounts, it said.
“There are some details — particularly around remediation — that we are not providing right now to protect the security of the effort,” the company said. “We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken.”
Twitter did not say, for instance, whether the hackers read any of the private messages of world leaders while logged into their accounts.
The attack on Wednesday involved a widespread scam, using the accounts of cryptocurrency companies, corporate leaders and celebrities to solicit bitcoin transfers, in exchange for a promise of doubling the money. Twitter is working with authorities including the FBI to identify the hackers and figure out the extent to which users’ data was compromised. — Reported by Sarah Frier, (c) 2020 Bloomberg LP