Twitter is still trying to determine whether the attackers had access to private direct messages, but it’s confident they never had access to the victims’ login passwords.
(Photo by Justin Sullivan/Getty Images)
This week’s epic Twitter hack targeted about 130 accounts, although only a “small subset” were actually hijacked, according to the company.
“Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident,” Twitter said in a Thursday update. “For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.”Tweet
The hackers took control of internal tools by paying a Twitter insider for the access, Motherboard reports. This allowed them to change the registered email addresses on targeted accounts, at which point the hackers were likely able to reset account passwords and even revoke two-factor authentication settings, paving the way for the takeovers.
SEE ALSO: Facebook Starts Labeling Voting Posts From Presidential Candidates
Ultimately, accounts belonging to public figures including Barack Obama, Bill Gates and Elon Musk were compromised. The attackers tweeted out a Bitcoin scam, which managed to collect over $119,000. The hack was so swift and brazen, it seemed like the culprits had access to any account they desired.
