“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter said Thursday via tweet.
Twitter didn’t spell out how exactly the attack was carried out or how its employees were fooled. The company previously said the hackers used “social engineering” to gain access to its tools. Once the hackers tricked employees into giving them access to Twitter’s systems, they learned more about how the company worked and used that information to target other employees, Twitter said in its latest disclosure on the event.
During the July 15 attack, hackers targeted 130 Twitter accounts. They tweeted from 45, accessed the so-called direct messages of 36 users and downloaded the Twitter data of seven customers, the San Francisco-based company said.
The hackers tweeted from accounts of such high-profile users as former Vice President and current presumptive Democratic presidential candidate Joe Biden and Tesla Inc. Chief Executive Elon Musk to perpetrate a cryptocurrency scam. Among the users whose messages they accessed was Dutch anti-Islam politician Geert Wilders.
The relatively mundane mechanics of the attack revived concerns about Twitter’s data security. This was the third major security incident linked to insider access to Twitter systems since the company entered into a 2011 consent decree with the Federal Trade Commission over weaknesses in its security practices.
The hack has raised pressure on Twitter over how it runs the platform. Republican Sen. Josh Hawley of Missouri Friday wrote to Twitter chief executive Jack Dorsey seeking further information about the hack, including whether the company in the past had considered more-stringent access control measures and, if so, why it hadn’t implemented them. The Federal Bureau of Investigation is probing what happened.
Twitter said Thursday “we’re accelerating several of our pre-existing security workstreams and improvements to our tools. We are also improving our methods for detecting and preventing inappropriate access to our internal systems and prioritizing security work across many of our teams.”