Yesterday (15th July 2020), Twitter faced the largest ever cybersecurity attack. More than a dozen Twitter accounts were hacked. These included verified corporate accounts of Apple, Amazon CEO Jeff Bezos, Microsoft founder Bill Gates, Democratic presidential candidate Joe Biden and former US President Barack Obama. Tesla CEO Elon Musk’s profile was the first to get hacked.
Each profile was used to lure followers into sending an amount to a bitcoin address. The tweet promised a double payback of the amount sent.
Upon investigation, according to Twitter, it was revealed that it was a coordinated social engineering attack that exploited Twitter employees’ access to internal systems and tools.
Soon after the attack, Twitter’s support account tweeted:
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they used this access to take control of many highly-visible (including verified) accounts and Tweets on their behalf.
Twitter CEO Jack Dorsey also tweeted, explaining how it was a tough time for the social media giant, and the team feels terrible.
Tough day for us at Twitter. We all feel terrible this happened.— jack (@jack) July 16, 2020
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
Some other accounts hacked include:
- Former New York City Mayor Mike Bloomberg
- Musician Kanye West
- Musician Wiz Khalifa
- Berkshire Hathaway Chairman Warren Buffett
- Reality TV star Kim Kardashian
- Cash App corporate account
- Uber corporate account.
Following the attack, Twitter shares were down by more than 3% in extended trading.
Fortunately, the attack could have been worse, as Rachel Tobac, the CEO of cybersecurity firm SocialProof Security said:
We are lucky the attackers are going after bitcoin (money motivated) and not motivated by chaos and destruction.