Twitter says phishing attack used to hack accounts


Twitter has revealed that a hack of some of its highest-profile users was the result of a phishing attack in which employees were targeted by phone, adding that it had “significantly limited access” to its internal tools following concerns over its security practices.

The social media company said on Thursday that hackers had targeted “a small number of employees through a phone spear phishing attack” — meaning that the staff in question were carefully, rather than randomly, selected and then tricked into handing over access to the internal tools.

“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter said in a statement. A spokesperson would not comment on whether it had found evidence that Twitter insiders also helped the attackers.

Twitter added it had “significantly limited access to our internal tools and systems to ensure ongoing account security while we complete our investigation”. It said that some features would be limited and the company would be “slower to respond” to users and developers requesting support as a result.

Twitter’s security practices have come under the spotlight following the attack. Two former staffers told the Financial Times that hundreds of employees had access to important administrative tools. A Bloomberg report suggested that some Twitter contractors have in the past used these tools to spy on celebrities.

The hackers took over the accounts of 130 people and companies — including US Democratic presidential candidate Joe Biden, former president Barack Obama, Tesla chief executive Elon Musk, Amazon chief executive Jeff Bezos, and reality star and entrepreneur Kim Kardashian — and posted messages soliciting bitcoin.

Earlier this month, Twitter said that the private messaging inboxes of as many as 36 accounts had been accessed by the hackers, while the data associated with seven of them was downloaded.

Both the FBI and New York state have announced investigations into the incident.

