#Twitter blames ‘coordinated social engineering attack’ on employees for massive hack

Enlarge Image

A Twitter bitcoin scam that hacked the accounts of prominent users like Barack Obama and Elon Musk Wednesday was the result of a “coordinated social engineering attack,” the social media company said.
AFP via Getty Images

A Twitter bitcoin scam that hacked the accounts of prominent users like Barack Obama and Elon Musk Wednesday was the result of a “coordinated social engineering attack” targeting employees, the social media company said.

The attack led to fake posts from more than a dozen popular accounts and forced the company to race to delete the messages and lockout a much larger network of users as it tried to secure the site.

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” the company posted on its official Twitter Support account.

“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf,” the company continued. “We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”

All hacked accounts were verified and sent posts out instructing followers to send bitcoin to a specific address in order to receive free bitcoin. The victims included billionaire Bill Gates, Democratic presidential nominee Joe Biden, Kanye West and tech giants like Apple and Uber.

Twitter said it “immediately” worked to take down the tweets and locked down the affected accounts. But the messages were likely widely viewed considering the prominence of the victims.

The company acknowledged that shutting out a much larger group of users was “disruptive” but necessary.

“This was disruptive, but it was an important step to reduce risk,” the company posted. “Most functionality has been restored but we may take further actions and will update you if we do.”

Twitter said it was working to restore account access to their rightful owners but would only turn over the keys “when we are certain we can do so securely.”

“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing,” the company said. “More updates to come as our investigation continues.”

Wednesday’s attack also alarmed lawmakers responsible for oversight of Silicon Valley’s massive tech companies.

Sen. Josh Hawley (R-Mo.) sent a letter to Twitter CEO Jack Dorsey requesting more information, with questions that include, “Did this attack threaten the security of the President’s own Twitter account?”

“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” Hawley wrote.