Twitter Says Hackers Accessed the Direct Messages of 36 Accounts in Last Week's Breach

Twitter is continuing to investigate last week's security breach that saw the Twitter accounts of Apple and other high-profile figures and companies hacked by bitcoin scammers, and today the social media company confirmed that hackers accessed the Direct Messages of 36 Twitter accounts.


Twitter previously said that no passwords were stolen in the hack, which was a "coordinated social engineering attack" that targeted Twitter employees. Hackers were able to gain access to employee credentials, using that information to access Twitter's internal systems, including bypassing two-factor authentication protections.


The internal tools were used to target 130 accounts, and for 45 of those accounts, hackers initiated a password reset and had full access to the account to send tweets. For eight of the Twitter accounts, the attackers downloaded account information through the "Your Twitter Data" tool that provides Twitter account details and activity, but none of the eight accounts targeted in this way were verified accounts.

For the 130 accounts that were breached, which included the accounts of Tesla CEO Elon Musk, former U.S. President Barack Obama, former Microsoft CEO Bill Gates, Amazon CEO Jeff Bezos, presidential candidate Joe Biden, and others, hackers were able to see personal information like email addresses and phone numbers, and for some accounts taken over, additional information was available.

Twitter has not provided specific details on which of the 36 accounts saw their DMs breached, but hackers did access the DMs of one elected official in the Netherlands. No other former or current elected official had their DMs accessed.

Twitter is communicating directly with the account holders that were impacted and is further securing its system to prevent future attacks. As part of its efforts to stop something similar from happening again, Twitter is rolling out additional company-wide training to guard against social engineering tactics.

Tag: Twitter

Top Rated Comments

(View all)
Avatar
14 weeks ago
I am glad I got rid of Twitter a while back. I am social media free on my devices, except for MacRumors. :D
Score: 17 Votes (Like | Disagree)
Avatar
14 weeks ago


Stoked the USA didn't "declare war" during this debacle.

Wow, I hadn't thought about what they (the hackers) could have done if they had accessed certain leader twitter... It gives me the shivers.


I am glad I got rid of Twitter a while back. I am social media free on my devices, except for MacRumors. :D

I did too, 6 years ago (more or less) and I'm glad to be free of all that tension, hate and aggressiveness I sometimes see on Twitter.
Score: 11 Votes (Like | Disagree)
Avatar
14 weeks ago
"Social engineering" = "hacked by someone inside Twitter, who had the knowledge, ability and motivation to do this." Of course, Twitter implies that the perpetrator was outside of the company, and they seem to be inferring that Twitter's employees were somehow coerced or "socially engineered" into doing this without their knowledge.

No amount of internal training will prevent this kind of result.

Twitter needs to review their protocols that allow employees to access and modify said data in the first place. Someone had full access to a database that should have been carefully restricted only to those who absolutely required access for legal reasons. Did Twitter even go through any internal procedure leading up to the insider gaining said access? Companies that are careful about such things will keep their servers in secure and locked rooms, and meticulously log and monitor all access. They should absolutely know who was in there and which employee accessed their database, unless they are so inept that they have no access logging system.

If the DM database(s) was/were accessible anywhere inside of their corporate network outside of a select few, that is a major problem in and of itself. The fact that Twitter allows this sort of coordinated attack (whether the perpetrator was inside or outside of Twitter's corporate network) to even be possible says something about their security practices.

Ask yourself: do I want to participate in a social network, which is hosted by a company that allows its employees access to my direct messages without just legal cause?
Score: 10 Votes (Like | Disagree)
Avatar
14 weeks ago
It's impressive and extremely lucky that these were small-time and uncreative hackers who apparently hit the social-engineering jackpot--they could have caused a truly disturbing amount of international or financial market chaos but basically just used it on a lame Bitcoin scam and selling a few low-character-count usernames.

Imagine what a well-planned, coordinated action by a state actor, dedicated group of terrorists, clever anarchists, or big-time financial market scammers could have accomplished.

You can be pretty sure that whoever they are they are reconsidering the success of their scam--there is absolutely no way $100K or so split more than one way is worth the international manhunt that's almost certain to result from this.
Score: 7 Votes (Like | Disagree)
Avatar
14 weeks ago


Twitter is communicating directly with the account holders that were impacted...

Gates, Obama, Musk and other big guys all communicating with Twitter's frustrating customer service. haha
Score: 4 Votes (Like | Disagree)
Avatar
14 weeks ago


Gates, Obama, Musk and other big guys all communicating with Twitter's frustrating customer service. haha

"Welcome to Twitter CS. if you are a celebrity please dial 1"
Score: 4 Votes (Like | Disagree)

Top Stories

'A New iOS Update is Now Available' Popping Up Repeatedly in iOS 14 Beta [Fixed: New Beta Available]

Thursday October 29, 2020 6:11 pm PDT by
Many users running iOS 14 beta are reporting that they are seeing a dialog box pop up repeatedly asking them to update from the latest iOS 14 beta. Threads in our forums, Reddit, and Twitter are reporting the issue. The dialog has been appearing for a few days now, but as of tonight has started appearing more frequently, every time an iPhone is unlocked. There's been further discussion in...

First iPhone 12 Mini Hands-On Video Surfaces [Update: Video Pulled]

Wednesday October 28, 2020 1:21 pm PDT by
Apple's iPhone 12 mini and the iPhone 12 Pro Max aren't set to be available until November 13, but a Romanian YouTuber got his hands on the iPhone 12 mini and showed it off today, offering a size comparison between the iPhone 12 and the 12 mini along with going over some of the device's features. The iPhone 12 mini is identical to the iPhone 12 in design and functionality, but it has a...

Apple One is Now Available: Save Money by Bundling Apple Music, iCloud Storage, Apple TV+, Apple Arcade, and More

Friday October 30, 2020 7:47 am PDT by
Apple One bundles are now available in the United States and over 100 other countries, allowing customers to subscribe to multiple Apple services through a single plan, including Apple Music, Apple TV+, Apple Arcade, iCloud, and more. To sign up for Apple One on an iPhone: Open Settings App Tap on Your Name at the top Tap on Subscriptions Tap on Apple One The prompt for Apple One...

iPhone 12 Ceramic Shield Still 'Scratches at Level 6 With Deeper Grooves at Level 7' in Mohs Hardness Test

Wednesday October 28, 2020 7:10 am PDT by
iPhone 12 and iPhone 12 Pro models feature a new Ceramic Shield front cover that is "tougher than any smartphone glass," according to Apple, but the displays on the devices still have similar scratch resistance as previous iPhones based on a new test. Zack Nelson today shared his much-anticipated iPhone 12 Pro durability test on his YouTube channel JerryRigEverything, and based on the Mohs...

Apple CEO Tim Cook: 'More Exciting Things' in Store For This Year

Thursday October 29, 2020 2:20 pm PDT by
During today's earnings call for the fourth fiscal quarter of 2020 (third calendar quarter), Cook said that while he doesn't want to give too much away, "this year has a few more exciting things in store." Cook is likely speaking about the Apple Silicon Macs, as Apple has previously said the first Apple Silicon Mac will be coming before the end of 2020. There are rumors of a third fall event ...

2020 iPad Air vs. iPad Pro: Hands-On Comparison

Tuesday October 27, 2020 3:03 pm PDT by
Apple announced the new 2020 fourth-generation iPad Air in September, but the new tablets just started shipping out to customers last Friday. We picked one up and thought we'd do a hands-on comparison with the iPad Pro, which was last updated in March, because both tablets are about as powerful and share many similarities. Subscribe to the MacRumors YouTube channel for more videos. Design and ...

After Mocking Apple, Samsung May Remove Power Adapter From Galaxy S21 Box

Tuesday October 27, 2020 4:29 pm PDT by
Samsung's Galaxy S21, coming in 2021, may not include a power adapter or headphones in the box, according to reports from Korean media sites highlighted by SamMobile. Rumors earlier this year also said that Samsung was considering removing these accessories from future smartphone models, but that didn't stop Samsung from mocking Apple for selling the iPhone 12 models without a power adapter...

Apple Releases First macOS Big Sur 11.0.1 Beta to Developers [Update: Public Beta Available]

Wednesday October 28, 2020 10:15 am PDT by
Apple today seeded a new macOS Big Sur 11.0.1 beta to developers for testing purposes, with the new beta replacing the existing macOS Big Sur 11 beta 10 update that was released two weeks ago. The macOS Big Sur beta can be downloaded through the Apple Developer Center and once the appropriate profile is installed, subsequent betas will be available through the Software Update mechanism in...

Apple One Service Bundles Set to Launch Tomorrow, Fitness+ Coming This Quarter

Thursday October 29, 2020 1:39 pm PDT by
Apple in September announced Apple One, a new series of services bundles that will let Apple device customers purchase several services together in one package instead of separately, saving money for those who use multiple Apple service products. Ahead of Apple's earnings call, Apple CFO Luca Maestri told Bloomberg that Apple One is set to launch on Friday, October 30. Apple One Bundle...

PSA: Apple One Premier Bundle Only Available in US, UK, Canada, and Australia

Friday October 30, 2020 2:39 am PDT by
Apple's new Apple One series of services bundles launches on Friday in over 100 countries and regions, but the top Premier tier will be limited to the United States, the United Kingdom, Australia, and Canada. The limited rollout of the $29.95 Premier tier is down to the fact that Apple News+ is currently only available in the above countries. Apple News+ is exclusive to the Premier tier,...