Twitter says recent breach caused by spear-phishing attack on employees

Twitter binary code illustration
A 3D printed Twitter logo is seen in front of a displayed cyber code in this illustration picture.

Twitter Inc, whose internal systems were breached about two weeks ago, said on Thursday the incident targeted a small number of employees through a phone “spear-phishing” attack.

The U.S. microblogging site said the hackers targeted about 130 accounts, tweeted from 45, accessed inbox of 36, and were able to download Twitter data from seven.

Attackers also targeted specific employees who had access to account support tools, Twitter said here adding that it restricted access to its internal tools and systems ever since the incident occurred.

Hackers had accessed Twitter’s internal systems on July 15 to hijack some of the platform’s top voices including U.S. presidential candidate Joe Biden, reality TV star Kim Kardashian, former U.S. President Barack Obama and billionaire Elon Musk and used them to solicit digital currency.

Publicly available blockchain records show the apparent scammers received more than $100,000 worth of cryptocurrency.

The “spear-phishing” technique is a practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.

More than a thousand Twitter employees and contractors as of earlier this year had access to internal tools that could change user account settings and hand control to others, making it hard to defend against the hacking.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s