Twitter hackers accessed app's systems by targeting employees, tech giant confirms

16 July 2020, 04:09

Twitter posted an update about the hack in the early hours of Thursday morning
Twitter posted an update about the hack in the early hours of Thursday morning. Picture: PA
Nick Hardinges

By Nick Hardinges

Twitter hackers accessed the app's internal platforms by targeting its employees, the social media giant has confirmed.

A number of high-profile Twitter users had their accounts targeted on Wednesday evening as part of a cryptocurrency-based hack.

World figures such as former US President Barack Obama, billionaire Bill Gates, and rapper Kanye West all saw their profiles taken over by scammers who were requesting donations of the cryptocurrency Bitcoin.

To combat the hack, Twitter stopped all verified 'blue-tick' accounts from posting anything as it investigated the issue.

Founder Jack Dorsey said: "We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened."

In a follow-up statement, posted in the early hours of Thursday morning, the social media giant confirmed it is continuing its investigation but updated users on what it believed had happened during the hack.

It claimed the hackers targeted the firm's employees who have access to the app's internal systems and tools, while the company is exploring whether any other malicious activity took place.

Read more: Covid-19 vaccine - more 'positive news expected' ahead of Oxford trial data publication

Read more: UK coronavirus death toll passes 45,000 mark as 85 more people die

The tech giant's full statement read: "Our investigation is still ongoing but here’s what we know so far.

"We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

"We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.

"Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.

"We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.

"This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.

"We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.

"Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues."

The events of Wednesday evening are not the first time that people's Twitter accounts have been taken over.

In 2018, accounts belonging to celebrities including Louis Theroux, Eamonn Holmes and Saira Khan were hacked to expose a security flaw on the social network.

A message reading "This account has been temporarily hijacked by INSINIA SECURITY" appeared on several pages, in an effort to highlight an apparent vulnerability in the way Twitter uses text messages to secure accounts.

The security firm said the users had not lost access to their account and that none of their data was compromised during the exercise.

"We understood the way that Twitter handles incoming texts from your number," researchers said in a blog post.

"If we can text from what appears to be your number then we can interact with, and fully control, your Twitter account."

In tricking Twitter's verification system, they were able to fully use the target's account, the company claimed, meaning they could send tweets, direct messages, retweet and like tweets, as well as follow and unfollow people.

Latest World News

See more Latest World News

SantaCon NYC

Thousands of revellers descend on NYC for annual Santa-themed bar crawl SantaCon

Russia Ukraine War

Soviet-era statue of Red Army commander taken down in Kyiv

Cop28 protests

Opec ‘panicking’ as Cop28 talks focus on possible fossil fuel phase-out

Recep Tayyip Edrogan

Erdogan accuses West of ‘barbarism’ and Islamophobia over war in Gaza

Fire at hospital

Deadly fire breaks out at hospital near Rome

A mammoth £201m prize has been won in the EuroMillions

Lucky ticket holder scoops £201m in EuroMillions draw - was it you? Full draw details revealed

Gaza air strike

Israel presses on with Gaza bombardments as war enters third month

Kim Jong Un

Allies urge stronger international push against North Korea’s nuclear programme

Abortion protesters

Texas supreme court pauses abortion approval over foetus with fatal diagnosis

Peter Park

US teenager sworn in as lawyer after passing state bar exam

Israeli soldiers

Israeli troops round up Palestinians in Gaza amid warning aid drive ‘in tatters’

Venezuela Guyana Dispute

Guyana warns Venezuela ‘profoundly incorrect’ over claiming disputed territory

The OpenAI logo

Europe reaches deal on world’s first comprehensive AI rules

Ryan O'Neal has died

Love Story and Barry Lyndon actor Ryan O'Neal dies aged 82, as family pay tribute to Hollywood star

Trump Fraud Lawsuit

Appeals court upholds gag order on Trump but narrows restrictions on his speech

Smoke rises following an Israeli bombardment in the Gaza Strip

US vetoes UN resolution demanding immediate humanitarian ceasefire in Gaza