Gbenro Adesina
Twitter experienced an unprecedented hack on Wednesday July 15 2020, with the Twitter accounts of major companies and individuals compromised in one of the most widespread and confounding hacks the platform has ever seen.
The hackers took over dozens of high-profile Twitter accounts including those of former US President, Barack Obama, Joe Biden, Elon Musk, Kim Kardashian, Michael Bloomberg, Apple as well as most verified accounts, and used them to post bitcoin scam links.
Twitter has confirmed it took the drastic step of blocking new tweets from every verified user, compromised or not, as well as locking all compromised accounts, saying the it would not restore access to their owners “until we are certain we can do so securely.”
On Wednesday evening, the company revealed that its own internal employee tools were compromised and used in the hack, which may explain why even accounts that claimed to have two-factor authentication were still attempting to fool followers with the bitcoin scam.
In a series of tweets, Twitter confirmed the incidence and said investigation is ongoing on the issue and it is taking steps to fix it:
“We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
“You may be unable to Tweet or reset your password while we review and address this incident.
“We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience.
“Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.
“Our investigation is still ongoing but here’s what we know so far:
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
“Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.
“We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.
“This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.
“We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.
“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues”.
Comments 1