Twitter Says Hackers Accessed the Direct Messages of 36 Accounts in Last Week's Breach

by

Twitter is continuing to investigate last week's security breach that saw the Twitter accounts of Apple and other high-profile figures and companies hacked by bitcoin scammers, and today the social media company confirmed that hackers accessed the Direct Messages of 36 Twitter accounts.

apple bitcoin hack
Twitter previously said that no passwords were stolen in the hack, which was a "coordinated social engineering attack" that targeted Twitter employees. Hackers were able to gain access to employee credentials, using that information to access Twitter's internal systems, including bypassing two-factor authentication protections.


The internal tools were used to target 130 accounts, and for 45 of those accounts, hackers initiated a password reset and had full access to the account to send tweets. For eight of the Twitter accounts, the attackers downloaded account information through the "Your Twitter Data" tool that provides Twitter account details and activity, but none of the eight accounts targeted in this way were verified accounts.

For the 130 accounts that were breached, which included the accounts of Tesla CEO Elon Musk, former U.S. President Barack Obama, former Microsoft CEO Bill Gates, Amazon CEO Jeff Bezos, presidential candidate Joe Biden, and others, hackers were able to see personal information like email addresses and phone numbers, and for some accounts taken over, additional information was available.

Twitter has not provided specific details on which of the 36 accounts saw their DMs breached, but hackers did access the DMs of one elected official in the Netherlands. No other former or current elected official had their DMs accessed.

Twitter is communicating directly with the account holders that were impacted and is further securing its system to prevent future attacks. As part of its efforts to stop something similar from happening again, Twitter is rolling out additional company-wide training to guard against social engineering tactics.

Tag: Twitter

Popular Stories

apple wallet drivers license feature iPhone 15 pro teal 1

Apple Says iPhone Driver's Licenses Coming to These 8 U.S. States, But Rollout Remains Slow

Wednesday March 19, 2025 6:55 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Unfortunately, this feature continues to roll out very slowly. It has been three and a half years since Apple first announced the...
Read Full Article53 comments
iOS 19 visionOS UI Elements

iOS 19 to Have Some of the 'Biggest' Design Changes in iPhone's History

Sunday March 16, 2025 10:35 am PDT by
Apple is planning some of the "biggest iOS and macOS redesigns in its history," according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman reiterated that iOS 19 will have a visionOS-like design with more transparent interfaces:The new interfaces will adopt the design principles introduced in visionOS, the software for Apple's Vision Pro headset. That includes greater...
Read Full Article158 comments
iphone 16 pro ghost hand

Next Year's iPhone 18 Pro Already Rumored to Have Five New Features

Tuesday March 18, 2025 1:00 pm PDT by
While the iPhone 18 Pro models are still around a year and a half away from launching, there are already some early rumors about the devices. Below, we recap some key iPhone 18 Pro rumors so far. Under-Screen Face ID In April 2023, display industry analyst Ross Young shared a roadmap showing that iPhone 17 Pro models would feature under-display Face ID. In May 2024, however, Young said ...
Read Full Article76 comments
iphone 16 pro models 1

Apple's First Foldable iPhone Estimated to Cost Nearly Twice as Much as iPhone 16 Pro Max

Monday March 17, 2025 6:42 am PDT by
In an investor research note today with British bank Barclays, analyst Tim Long said Apple's first foldable iPhone could have a starting price in the $2,300 range in the United States, which would make it by far the most expensive iPhone model ever. If the first foldable iPhone starts at $2,299, that means it would cost nearly twice as much as the iPhone 16 Pro Max, which starts at $1,199. ...
Read Full Article260 comments
Bent iPhone Air Feature

Apple Canned Larger iPhone 17 Air Model Over Fears of Bendgate 2.0

Monday March 17, 2025 4:07 am PDT by
Apple prototyped a larger ultra-slim iPhone 17 Air with a 6.9-inch display, but ultimately decided not to go ahead with the device because of fears that it could be susceptible to bending, according to a new report. Bloomberg reporter Mark Gurman, writing in his latest Power On newsletter: When it first started work on the phone, it prototyped a device with a 6.9-inch screen — matching...
Read Full Article94 comments
iphone 16 pro models 1

All Four iPhone 17 Models Rumored to Feature Upgraded 24-Megapixel Front Camera and More

Monday March 17, 2025 7:50 pm PDT by
All four iPhone 17 models launching later this year will feature an upgraded 24-megapixel front-facing camera, according to analyst Jeff Pu. In a research note today with investment firm GF Securities, Pu shared a chart in which he reiterated that the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max will each be equipped with a 24-megapixel front camera. By comparison, all four ...
Read Full Article50 comments
General iOS Mail Feature

iOS 18.3.2 Broke iCloud Mail Delivery

Monday March 17, 2025 3:31 pm PDT by
The iOS 18.3.2 update that Apple released last week appears to have broken iCloud Mail for some users. There are multiple complaints on Reddit and the MacRumors forums from users who say that iCloud Mail is not able to push new iCloud emails to their iPhones after the iOS 18.3.2 update. Affected users say that despite having the correct settings enabled, new iCloud emails are not showing up...
Read Full Article81 comments
iphone 17 pro asherdipps

iPhone 17 Pro Max Rumors Allegedly Refer to 'iPhone 17 Ultra' Model

Friday March 14, 2025 7:56 am PDT by
If you've been following iPhone rumors over the last few years, you may remember reading reports that Apple flirted with the idea of introducing a super high-end "Ultra" model that would either replace its Pro Max device or sit above it in Apple's smartphone hirearchy. These reports appeared in the pre-launch iPhone 15 and iPhone 16 rumor cycles, but ultimately came to nothing. Now though, the...
Read Full Article147 comments

Top Rated Comments

Apple_Robert Avatar
Apple_Robert
61 months ago
I am glad I got rid of Twitter a while back. I am social media free on my devices, except for MacRumors. :D
Score: 17 Votes (Like | Disagree)
Populus Avatar
Populus
61 months ago

Stoked the USA didn't "declare war" during this debacle.
Wow, I hadn't thought about what they (the hackers) could have done if they had accessed certain leader twitter... It gives me the shivers.


I am glad I got rid of Twitter a while back. I am social media free on my devices, except for MacRumors. :D
I did too, 6 years ago (more or less) and I'm glad to be free of all that tension, hate and aggressiveness I sometimes see on Twitter.
Score: 11 Votes (Like | Disagree)
jchap Avatar
jchap
61 months ago
"Social engineering" = "hacked by someone inside Twitter, who had the knowledge, ability and motivation to do this." Of course, Twitter implies that the perpetrator was outside of the company, and they seem to be inferring that Twitter's employees were somehow coerced or "socially engineered" into doing this without their knowledge.

No amount of internal training will prevent this kind of result.

Twitter needs to review their protocols that allow employees to access and modify said data in the first place. Someone had full access to a database that should have been carefully restricted only to those who absolutely required access for legal reasons. Did Twitter even go through any internal procedure leading up to the insider gaining said access? Companies that are careful about such things will keep their servers in secure and locked rooms, and meticulously log and monitor all access. They should absolutely know who was in there and which employee accessed their database, unless they are so inept that they have no access logging system.

If the DM database(s) was/were accessible anywhere inside of their corporate network outside of a select few, that is a major problem in and of itself. The fact that Twitter allows this sort of coordinated attack (whether the perpetrator was inside or outside of Twitter's corporate network) to even be possible says something about their security practices.

Ask yourself: do I want to participate in a social network, which is hosted by a company that allows its employees access to my direct messages without just legal cause?
Score: 10 Votes (Like | Disagree)
Makosuke Avatar
Makosuke
61 months ago
It's impressive and extremely lucky that these were small-time and uncreative hackers who apparently hit the social-engineering jackpot--they could have caused a truly disturbing amount of international or financial market chaos but basically just used it on a lame Bitcoin scam and selling a few low-character-count usernames.

Imagine what a well-planned, coordinated action by a state actor, dedicated group of terrorists, clever anarchists, or big-time financial market scammers could have accomplished.

You can be pretty sure that whoever they are they are reconsidering the success of their scam--there is absolutely no way $100K or so split more than one way is worth the international manhunt that's almost certain to result from this.
Score: 7 Votes (Like | Disagree)
ghanwani Avatar
ghanwani
61 months ago

Twitter is communicating directly with the account holders that were impacted...
Gates, Obama, Musk and other big guys all communicating with Twitter's frustrating customer service. haha
Score: 4 Votes (Like | Disagree)
nvmls Avatar
nvmls
61 months ago

Gates, Obama, Musk and other big guys all communicating with Twitter's frustrating customer service. haha
"Welcome to Twitter CS. if you are a celebrity please dial 1"
Score: 4 Votes (Like | Disagree)
Read All Comments