Twitter says attackers downloaded data from up to eight non-verified accounts
Twitter Inc said on Saturday that hackers were able to download account information for up to eight accounts involved in the hack of its systems this week, but said none of them were verified accounts.
The company said the unidentified attackers targeted 130 accounts, and were able to reset passwords to take control of 45 of them and tweet from those accounts.
Hackers accessed Twitter’s internal systems to hijack some of the platform’s top voices including U.S. presidential candidate Joe Biden, reality TV star Kim Kardashian, former U.S. President Barack Obama and billionaire Elon Musk and used them to solicit digital currency.
Publicly available blockchain records show the apparent scammers received more than $100,000 worth of cryptocurrency.
In the attack that occurred on Wednesday, Twitter said hackers were able to view personal information including email addresses and phone numbers of the 130 targeted accounts, but unable to view previous account passwords.
“In cases where an account was taken over by the attacker, they may have been able to view additional information”, Twitter said in the statement without specifying the type of information accessed.
Hackers may have also attempted to sell the user names of some of the accounts, it said.
The high-profile accounts that were hacked also included rapper Kanye West, Amazon.com founder Jeff Bezos, investor Warren Buffett, Microsoft co-founder Bill Gates, and the corporate accounts for Uber and Apple.
In its latest statement, Twitter said attackers “manipulated a small number of employees” to gain access to the internal support tools used in the hack.
The company said it was holding back some of the details of the attack as it continues its investigation and reiterated that it was working with impacted account owners.
The FBI’s San Francisco division is leading an inquiry into the hacking, with many Washington lawmakers also calling for an account of how it happened.
REUTERS