In an update about last week’s breach, Twitter says that direct messages of 36 out of the 130 hacked accounts were exposed, including that of an elected official from Netherlands. This is in addition to the direct message data downloaded for eight of the hacked accounts via the ‘your Twitter data’ tool.
The social networking platform also confirmed that data wasn’t downloaded for any of the verified accounts that were hacked last week, which included that of Elon Musk, Jeff Bezos, Warren Buffet and Barack Obama, among others.
The attackers were able to access personal information of the hacked accounts, including email addresses and phone numbers, but not the passwords.
Twitter also said that direct messages of no other elected official were accessed.
According to Twitter, the attackers had targeted several of their employees through a social engineering scheme and successfully accessed several employee credentials, that helped them access Twitter’s internal systems.
The hackers also attempted to run a cryptocurrency scam by tweeting from 45 of the hacked accounts, which reportedly got them a six-figure payout. In addition to the tweets sent out by several of the accounts that were overtaken, the company believes that the attackers attempted to sell some of the usernames online.
Twitter says that in addition to reinforcing their security systems, they’ll also roll out a company-wide training program to fight social engineering attacks.
Earlier this month, Facebook announced that over 5000 app developers continued to receive updated non-public user data such as email address and birth date that the user had first shared during a sign-up with their Facebook account, even 90-days after the app hasn’t been used — the cut-off date.
In the News: Spotify rolls out Video Podcasts worldwide
