Hackers who compromised high profile Twitter accounts last week had accessed some of those accounts’ direct messages, Twitter revealed Wednesday, July 22.
Following a complete review of the targeted accounts, the company said 36 out of the 136 accounts have had their DM inboxes viewed by hackers. One of the accounts belonged to an elected official in the Netherlands. Although Twitter did not disclose his identity, previous reports stated Dutch politician Geert Wilders had his account compromised at the time the hacking news was reported by the media.
The 36 accounts with their DMs accessed are different from the eight accounts, which had their entire “Twitter Data” downloaded. A person’s “Twitter Data” included their account activity, including private messages. The company reconfirmed none of the impacted eight accounts, reported Tuesday, July 21, were verified users.
To sum up, the attackers had targeted 130 total accounts in which 45 of them had been used to send tweets, 36 accounts had their DMs accessed, while eight accounts had their entire data downloaded.
Twitter is continuing its investigation and has vowed to roll out company-wide training to guard against social engineering tactics used by criminals to target its employees.
Twitter initially revealed hackers used social engineering, or the act of intentionally manipulating people to perform certain actions and divulge confidential information.
The FBI also launched an investigation into this unprecedented Twitter hack. The social networking site is facing backlash over security concerns especially with the upcoming United States presidential election. In a statement, the FBI said the hack appears to only perpetuate a cryptocurrency fraud and advised the public not to fall for such schemes.
The specific cryptocurrency fraud is the BTC Giveaway Scam, which entices users to send Bitcoin in order to receive BTC that is double the amount they sent. The Twitter hack compromised the accounts of high profile figures like Joe Biden and Elon Musk, in addition to the accounts of figures in the cryptocurrency industry such as Changpeng “CZ” Zhao of Binance and Justin Sun of Tron.
The hackers managed to get away with around $120,000 worth of Bitcoin. It is believed they may have already sold these bitcoins and the new owner is currently mixing the tokens to prevent tracing.