Twitter has admitted that a breach of its systems on July 15 led hackers to view the private direct-message inboxes of 36 people, including one elected official in The Netherlands.
Direct Messages are a way for Twitter users to communicate privately with each other, either in groups or on a one-to-one basis. Twitter previously wouldn't say if hackers had accessed the private messages of any users.
- Twitter's own tools used by hackers in massive bitcoin scam attack
- Twitter sheds new light on hack, says 130 accounts targeted
The admission comes in the wake of Twitter's most serious cybersecurity incident to date. Over a two-hour period on July 15, hackers gained access to tools used by Twitter staff to view and control user accounts. They targeted 130 accounts and took control of 45 of them, according to Twitter.
These accounts included those belonging to Barack Obama, Joe Biden, Jeff Bezos, Bill Gates, Elon Musk, Kanye West, Kim Kardashian and other extremely high-profile people with verified accounts and millions of followers. The accounts then tweeted about a bitcoin scam, which appeared to convince fellow Twitter users to deposit over $100,000 into a bitcoin wallet.
Other than the Dutch elected official, Twitter has not said who the other 35 accounts belong to, and whether they were verified accounts or not. These tend to belong to celebrities, politicians, businesses, news outlets and some members of the media.
Twitter also said that eight accounts had their entire history downloaded. This, which is called Your Twitter Data, can be downloaded by account holders who want a copy of their public tweets and private DM messages. Twitter says none of those eight accounts were verified, thus are unlikely to belong to high-profile individuals.
Going forward, and with the hackers still seemingly at large, Twitter says it will use the coming days to continue its investigation into what happened, including cooperation with law enforcement.
It says it will further secure its systems to prevent future attacks, and is "rolling out company-wide training to guard against social engineering tactics," as this is how Twitter believes the hackers were able to gain access to internal company tools.
"We're embarrassed, we're disappointed, and more than anything, we're sorry," Twitter added.
NORTON CORE by Symantec Model 517 High Performance Secure Wi-Fi Wireless Router Built-in Network, Device and Antivirus Security, Smart Parental Controls - Titanium Gold