Hackers who breached Twitter accounts belonging to Democratic presidential nominee Joe Biden, rapper Kanye West and other high profile users had targeted roughly 130 accounts, only taking over a small number, the company said.
Attackers gained access to “a small subset” of the 130 accounts on which they initially focused, gaining control and sending tweets in their name, Twitter said in an update Thursday. By impersonating influential users like former president Barack Obama, Microsoft co-founder Bill Gates and Amazon CEO Jeff Bezos, the hackers urged millions of followers to send bitcoin to the same address as part of a scam that netted more than $110,000.
While Twitter has since removed all of the tweets, the incident marked a major breach for the social media site, resulting in questions about its ability to safeguard accounts belonging to influential newsmakers. It’s also led to suggestions that the attackers would have had access to the direct messages of the users they breached, a level of visibility that could have exposed private messages sent on the site.
Twitter said it was still investigating that question, as of Thursday evening.
We’re working with impacted account owners and will continue to do so over the next several days. We are continuing to assess whether non-public data related to these accounts was compromised, and will provide updates if we determine that occurred.
— Twitter Support (@TwitterSupport) July 17, 2020
The breach also has led to questions about a Twitter plan, discussed in 2018, to protect messages with end-to-end encryption, a security protocol that already armors texts sent via iMessage and WhatsApp, for instance.
The technology is meant to ensure that only two users, the sender and the recipient, are able to read the contents of a message, rather than outside hackers who may catch the message in transit. Sen. Ron Wyden, D-Ore., for one, used the occasion to ask Twitter about the status of its encryption plans.
Whether end-to-end encryption would have protected the direct messages in question, though, remains unclear. The nature of the hack suggests the attackers may have had unfettered access to the breached accounts, apparently by accessing internal controls at the company, rather than by breaching individual users. If Twitter maintains the technical ability to access users’ direct messages, hackers may have had that, too.
Meanwhile, the Federal Bureau of Investigation has launched a probe into the breach and New York Gov. Andrew Cuomo said the state’s Department of Financial Services also would examine the matter.