Read Twitter’s update on the huge hack — 8 accounts may have had private messages stolen

July 18, 2020
38 Views


On Friday evening, Twitter issued its first full blog post about what happened after the biggest security lapse in the company’s history, one that led to attackers getting hold of some of the highest profile Twitter accounts in the world — including Democratic presidential candidate Joe Biden, President Barack Obama, Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Kanye West, Michael Bloomberg, and more.

The bad news: Twitter has now revealed that the attackers may indeed have downloaded the private direct messages (DMs) of up to 8 individuals while conducting their Bitcoin scam, and were able to see “personal information” including phone numbers and email addresses for every account they targeted.

That’s because Twitter has confirmed that attackers attempted to download the entire “Your Twitter Data” archive for those 8 individuals, which contains DMs among other info.

They may even have DMs that the 8 individuals tried to delete, given that Twitter stores DMs on its servers as long as either party to a conversation keeps them around — we learned last February that you can retrieve deleted DMs by downloading the “Your Twitter Data” archive, even if you’ve deleted them yourself. The archive can also include other personal information like your address book and any images and videos you may have attached to those private messages as well.

The good news: Twitter claims none of those 8 accounts were verified users, suggesting that none of the highest-profile individuals targeted had their data downloaded. It’s still possible that the hackers looked at their DMs, but no, Democratic presidential candidate Joe Biden and others probably didn’t just get their DMs stolen outright.

According to Twitter, hackers targeted 130 accounts; successfully triggered a password reset, logged in, and tweeted from 45 of them; and only attempted to download data for that “up to eight” non-verified accounts. We do not know how many accounts they may have scanned for personal information or how many DMs they might have simply accessed or read.

And for the larger batch of 130 accounts — including high-profile ones like the Democratic presidential candidate — Twitter says they may have been able to see other sorts of personal information. Twitter also allows logged in users to see a location history of the places and times that they’ve logged in, as an example.

Twitter previously confirmed that its own internal employee tools were used to facilitate the account takeovers, and suspected that its employees had fallen for a social engineering scam — now, the company is going further to say definitively that the attackers “successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections.”

That aligns with the prevailing theories, which you can read more about in the NYT’s impressive report here.

There are still many, many more questions and serious investigations still ahead.

You can read Twitter’s full blog post here.



Source link

You may be interested

Elvis gave teenage Priscilla drugs in bed during marathon sessions: 'I nearly DIED'
Movies
shares0 views
Movies
shares0 views

Elvis gave teenage Priscilla drugs in bed during marathon sessions: 'I nearly DIED'

admin - Aug 08, 2020

[ad_1] During one marathon session, the rock star gave his girlfriend, who was still at school, powerful drugs. In a…

Robin Williams death: New film exposes his ‘TERROR’ at the end ‘I’m not me anymore’
Movies
shares0 views
Movies
shares0 views

Robin Williams death: New film exposes his ‘TERROR’ at the end ‘I’m not me anymore’

admin - Aug 08, 2020

[ad_1] Robin Williams confessed in his final months, "I’m not me anymore." A professor of neurology said, "it amazed me…

James Bond: How Pierce Brosnan landed job of 007 'Waited YEARS'
Movies
shares0 views
Movies
shares0 views

James Bond: How Pierce Brosnan landed job of 007 'Waited YEARS'

admin - Aug 08, 2020

[ad_1] James Bond has been played by many a man, with one of those coming in the form of Pierce…

Leave a Comment