Twitter admitted the hacking was a result of a coordinated social engineering attack that was targeted at some of its employees.
By Jagmeet Singh | Updated: 17 July 2020 12:19 IST
Twitter hack impacted some of its most prominent, verified accounts on Thursday
Twitter didn’t find evidence that attackers accessed user passwords
It blocked some users from resetting their account passwords
Twitter hack might have been executed by a SIM swapper
Twitter is busy investigating the massive hack that took place on its platform early Thursday. In a series of updates, the microblogging network on Friday revealed that it had no evidence that attackers accessed passwords and thus did not consider resetting passwords necessary. The Twitter team behind the investigation also found that around 130 accounts were targeted by the attackers in the incident. In the aftermath of the attack, Google has dropped the prominent Twitter carousel from its search results. The San Francisco division of the Federal Bureau of Investigation is also reportedly leading an inquiry into the Twitter hack.
Here are the top 10 points you need to know about this big story:
1. Several prominent, verified Twitter accounts were hacked early on Thursday in a widespread Bitcoin scam. The official accounts of former US President Barack Obama, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos, Tesla CEO Elon Musk, and media tycoon Mike Bloomberg, along with brands such as Apple and Uber, were among those affected by the hack. All these accounts sent out tweets asking people to donate money in Bitcoin.
2. The hacking took place after a coordinated social engineering attack was targeted at some of Twitter's employees by a third-party group. The company said that the social engineering attack helped attackers gain access to its internal systems and tools. “We know they used this access to take control of many highly-visible (including verified) accounts and tweet on their behalf,” it added.
3. Twitter said on Friday that it didn't find any evidence that the attackers accessed user passwords. “Currently, we don't believe resetting your password is necessary,” the company said in a tweet posted through the Twitter Support account. The company also noted that it had locked any accounts that had attempted to change their passwords during the past 30 days.
4. Further, as part of additional security measures, some users were restricted from resetting their account password. “Other than accounts that are still locked, people should be able to reset their password now,” Twitter noted in a tweet. It also added that the locking of accounts didn't necessarily mean that they were compromised.
5. In another update, Twitter said that approximately 130 accounts were targeted by the attackers as part of the incident. “For a small subset of these accounts, the attackers were able to gain control of the accounts and then send tweets from those accounts,” the company said. It has also started working with impacted account users and is “continuing to assess” whether any non-public data related to these accounts was leaked. Further, the ability to download users' Twitter data has been disabled while the investigation is ongoing.
6. Since Twitter's investigation is still ongoing, the exact impact of the attack is yet to be revealed. The company said that it had been taking “aggressive steps” to secure its systems while investigating the hacking. “We're in the process of assessing longer-term steps that we may take and will share more details as soon as we can,” it said in a tweet.
7. Meanwhile, Google has removed the prominent Twitter carousel from its search results. The carousel, which has been part of Google Search since May 2015, showed tweets in search results to help people find relevant answers on the microblogging network. However, the search giant has removed it not just for the accounts that were hacked but for all Twitter accounts. In a statement to Search Engine Roundtable, Google said, “We can confirm we have temporarily removed the Twitter carousel from Search following Twitter's security issues. Before restoring the feature we will carry out a careful review.” The temporary change is likely to have a massive impact on the engagement Twitter receives from Google Search.
8. While Twitter is still investigating the incident and is yet to name the attackers behind the historic hacking, renowned security researcher Brian Krebs believes the hijacking may have been executed by a 21-year-old SIM swapper from England. Krebs said that after digging into a forum dedicated to account hijacking, he found references indicating that the notorious SIM swapper, who goes by the pseudonym PlugWalkJoe, hijacked some of the forum users who had access to Twitter's internal tools. Named Joseph Connor, the SIM swapper was already under investigation for attacking the accounts of celebrities, the researcher said.
9. Separately, the San Francisco division of the FBI is leading an inquiry into the Twitter hack as several lawmakers in the US have raised concerns. “This hack bodes ill for November balloting,” US Senator Richard Blumenthal, a Democrat, said in a statement. US Representative Jim Jordan echoed a similar concern and said that he remained locked out of his Twitter account as of Thursday afternoon.
10. Reuters also reported, citing people familiar with the development, that Twitter had stepped up its search for a chief information security officer (CISO) before the hack took place on Thursday. The company, however, didn't provide any clarity on whether it is bolstering its security team.