Twitter Says Their Employees Were Targeted For Account Hacking

Twitter finally explains how the high-profile accounts were hacked last month, after completing a two-week period of investigation. The company tells a phone spear-phishing attack was targeted at their employees to gain their credentials, and to access those accounts to post a fake Bitcoin campaign.

Twitter Revealed the Credentials of their Employees that Were Breached

The uncommon tweets on July 15th from several high-profile accounts this year has shaken up the online community. Accounts of several known people like Kim Kardashian, Bill Gates, Elon Musk, Bill Gates, Barack Obama, Joe Biden, Kanye West etc tweeted about a fake Bitcoin campaign.

Besides the individual celebrities, institutional accounts like Apple and Uber, and cryptocurrency exchanges like Binance, Coinbase and Gemini were also affected by this intrusion. The tweets asked followers to send Bitcoin to a specific address to receive double of that. Though being fake, hackers have received about $120,000 in Bitcoin funds, making it a successful campaign.

And now, Twitter came up with an explanation of how it happened. The company said some of its employees were targeted by a phone spear-phishing attack to gain their credentials. These were leveraged to gain access to Twitter’s internal network, and learn the process of finding people with powers of account management tools.

Thereby, targeting those specific employees for their credentials, and in turn to using them for managing the above-said accounts. It said that about 130 accounts were accessed by the attackers in this incident, and posted malicious campaign tweets from 45 of those. Further, direct messages of 36 accounts were accessed and Twitter data of 7 accounts were downloaded.

This led Twitter to limit the access of employees to handle the account management tools, making the response delayed for user reports. Further, the company said to be improving the tools for detecting and preventing unauthorized access to Twitter’s internal systems and also running company-wide phishing exercises to avoid such incidents in future.

Other Trending News:-  News


Please enter your comment!
Please enter your name here