Twitter hacked: In the early hours of Thursday, the Twitter accounts of several prominent people, including former US President Barack Obama, Democratic Presidential candidate Joe Biden, Tesla Co-Founder and CEO Elon Musk, Amazon CEO Jeff Bezos and Microsoft Founder Bill Gates, were hacked. The hijack also hit some of the leading cryptocurrency sites. As per reports, the hackers were able to access the ‘admin’ tool on Twitter’s network, which they used to spread a cryptocurrency scam.
Twitter accounts hacked: Here’s what happened
The admin tool allows Twitter employees to control access to an account, including changing the account’s associated email and even suspending the user.
TechCrunch said that the hacker(s) generated more than $1,00,000 in a few hours by gaining access to the internal Twitter tool. The hacker(s) also used the admin tool to reset the email accounts linked with the Twitter profiles in order to make it harder for the original owners to regain access. After this, they propagated a cryptocurrency scam, claiming to double the funds of the victim.
How Twitter responded to the hack
Soon after the hacking began, Twitter took to its official account to say that it was aware of the security breach, saying that it was investigating what had happened. It added that it had restricted the functionality on the site, and the users might not be able to tweet or reset the password of their accounts while the incident was being investigated.
About three hours later, Twitter announced that most accounts had gotten their functionality back, but it would come and go since the company was still investigating the incident and working to fix the issue.
Twitter then explained what it knew so far about the security breach. It said that it detected a “coordinated social engineering attack” by hackers who were able to target some Twitter employees who had access to the site’s internal systems as well as tools. It added that so far it was known that these hackers took over some visible and verified Twitter accounts to tweet on their behalf. However, the company said it was also looking into any other malicious activity they might have carried out, or any information they might have accessed. It added that Twitter had immediately locked down the accounts that were affected by the breach and had also removed the tweets posted by the hackers.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
Moreover, Twitter limited the functionality of a much larger group of Twitter users, including all the verified accounts, even if there was no evidence of them being directly affected by the hack.
It added that access to the hacked accounts would only be restored to the original users once the company had deemed it safe to do so.
Internally, Twitter said it had taken significant steps to limit access to its internal systems and tools while the investigation into the attack was ongoing.