Last weeks hack of over 100 extremely prominent Twitter accounts performed in reality expose the direct messages of a lot of those accounts, the company confessed today– consisting of those of a chosen official in the Netherlands.
In tweets and an upgrade to its post on the “security incident,” Twitter stated that “for approximately 36 of the 130 targeted accounts, the opponents accessed the DM inbox.” They are “actively dealing with communicating straight” with those accounts impacted.
Twitter had declined to say in the instant aftermath of the attack whether DMs had actually been accessed by the hackers. Twitters messaging system is infamously not well encrypted but it was not clear whether the administrative tool reportedly utilized by the opponents offered access to inboxes.
The attack saw numerous popular accounts of political leaders and celebrities taken over and tweeting a really obvious Bitcoin scam that nonetheless seems to have actually netted at least 6 figures. Obviously whatever approach was utilized, it gave access to DMs some of the time, or perhaps the hackers simply didnt avail themselves of the opportunity for the staying 94 accounts they took over. Twitter has formerly stated that it has “no evidence” that passwords were accessed by the hackers, and nothing in the upgrade opposes that.
The companys attempted to position a silver lining on this cloud, saying it had “no indicator that any other former or current chosen authorities had their DMs accessed.” Thinking about the accounts of Barack Obama and Joe Biden were amongst those affected, that is technically great news.
The attack saw various popular accounts of politicians and celebrities taken over and tweeting an extremely obvious Bitcoin fraud that nonetheless seems to have netted at least 6 figures. Twitter said that a “coordinated social engineering attack” provided hackers “access to internal systems and tools.” Validated users were likewise quickly avoided from tweeting (a modification some invited).
This is probably not the last well hear from Twitter on this disturbing security breach.
Our company believe that for approximately 36 of the 130 targeted accounts, the opponents accessed the DM inbox, including 1 elected authorities in the Netherlands. To date, we have no sign that any other former or existing chosen authorities had their DMs accessed.
— Twitter Support (@TwitterSupport) July 22, 2020
Apparently whatever method was utilized, it provided access to DMs a few of the time, or maybe the hackers simply didnt obtain themselves of the chance for the staying 94 accounts they took over. Its not really clear from Twitters announcement. Twitter has previously stated that it has “no evidence” that passwords were accessed by the hackers, and nothing in the update contradicts that.