The Twitter hackers who breached the accounts of Barack Obama, Bill Gates, Elon Musk, and more than 100 other targets accessed the direct message inboxes of up to 36 of the victims, the social media giant announced on July 22.
“We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the [direct message] inbox, including one elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their [direct messages] accessed,” the company said in a statement.
Direct messages on Twitter are a private form of communication which is never displayed to the public. While Twitter did not reveal which accounts had their inboxes compromised, the news added significant suspense to the incident because the hack impacted the who’s-who in international business and entertainment, including Kanye West, Kim Kardashian, Jeff Bezos and Warren Buffett.
Twitter’s disclosure that there is no indication that “any other former or current elected official had their DMs accessed,” suggests that the inboxes of Joe Biden and Mike Bloomberg, both former elected officials, were not broken into.
Twitter said it had conducted a “complete review of all targeted accounts” before disclosing the news of the compromised inboxes. The company said it would be contacting the owners of the accounts.
On July 15, hackers gained access to 130 Twitter accounts and posted messages containing a common bitcoin scam. The attack generated just over $117,000, prompting cybersecurity experts to assess that the bitcoin scheme was a cover for a more sinister breach.
Twitter said the hackers used social engineering, a low-tech approach which involves manipulating Twitter employees. The attackers gained access to an internal Twitter dashboard available only to support staff and used it to reset the passwords for 45 accounts. The hackers then logged into the accounts and sent tweets on their behalf.
Twitter had announced earlier that the attackers also downloaded the complete Twitter data from eight accounts using the “Your Twitter Data” tool. None of the eight accounts were “verified”, the company said, meaning it did not impact the major business and politics luminaries.
The FBI opened an investigation into the hack. Twitter said it is cooperating with authorities.
While Twitter has had security incidents in the past, the July 15 attack was by far the most brazen and far-reaching. In 2017, a rogue employee briefly deleted President Donald Trump’s account. Last year, a hacker gained access to Twitter CEO Jack Dorsey’s account and posted racist messages.
Twitter’s share price has not been affected by the breach.