Twitter says hackers downloaded data from eight users in Wednesday’s hack

0
95


Twitter provided another update in its investigation into its security incident on Wednesday when a group of hackers breached its backend and tweeted a cryptocurrency scam on behalf of high-level, verified accounts.

The incident became notable because hackers compromised the accounts of public figures such as Barrack Obama, Joe Biden, Bill Gates, Elon Musk, Jeff Bezos, Apple, Uber, Kanye West, Kim Kardashian, Michael Bloomberg and many more. other.

In light of the high-profile incident and with all eyes on its response, Twitter is providing daily updates since the hack, as security teams scour the logs to find what happened. and who was behind the intrusion.

These updates have now gotten quite large and complicated, and as a result, we’ll list them below and keep updating this article as Twitter releases new evidence.

  • The incident took place on Wednesday July 15, 2020.
  • Twitter said hackers used social engineering to access Twitter employee accounts.
  • A New York Times report that has yet to be confirmed by Twitter said hackers breached Slack employee accounts and found credentials for the Twitter backend pinned to a Slack channel.
  • Twitter said the hackers had “passed” their two-factor protections, but did not say whether they were backend accounts or Slack accounts.
  • Once the hackers gain access to the Twitter backend, they have Twitter’s own in-house technical support tools to interact with the accounts.
  • The hackers interacted with 130 accounts, according to Twitter.
  • For 45 accounts, the hackers launched a password reset, logged into the account and sent new tweets to promote their cryptocurrency scam.
gateshack.png
  • Twitter said it believed hackers attempted to sell access to some hacked Twitter accounts as well, due to highly coveted usernames.
  • For eight accounts, hackers downloaded account data via the “Your Twitter Data” function.
  • Twitter did not specify whether the downloaded data also included private messages, or whether its support tool has the ability to display DMs.
  • None of these eight accounts have been verified.
  • Twitter is now open to all eight account holders.
  • Once the hack was discovered on Wednesday, Twitter said it had blocked all verified accounts from tweeting during its investigation.
  • It also prevented some users from resetting their passwords for hackers to take control of new accounts.
  • These limitations lasted for a few hours and the functionality was eventually returned.
  • Twitter said it had no reason to believe that hackers had access to clear text passwords and would not reset users’ passwords in the future.
  • However, the attackers displayed information such as the email addresses and phone numbers of the targeted accounts.
  • An investigation by the police is already underway.

Updates will follow as Twitter learns more and shares with the public.

LEAVE A REPLY

Please enter your comment!
Please enter your name here