Twitter ’embarrassed’ says last week’s hack targeted 130 accounts


OAKLAND, California – Twitter says the hack that compromised the accounts of some of its highest-profile users was targeted at 130 people. Hackers were able to reset the passwords for 45 of those accounts.

The San Francisco-based company said in a blog post on Saturday that up to eight of these accounts attackers also downloaded account information through the “Your Twitter Data” tool. None of the eight were verified accounts, Twitter said, adding that it is contacting the owners of the affected accounts.

“We are ashamed, disappointed, and most of all, we are sorry. We know that we must work to regain their trust, and we will support all efforts to bring those responsible to justice, “Twitter TWTR,
+ 1.50%
he said in the blog post.

The July 17 attack broke into the Twitter accounts of world leaders, celebrities, and tech moguls in one of the highest-profile security breaches in recent years. The attackers sent tweets from the accounts of the public figures, offering to send $ 2,000 for every $ 1,000 sent to an anonymous bitcoin address.

He highlighted a major flaw with the service that millions of people have come to trust as an essential communication tool.

Allison Nixon, director of investigation for cybersecurity firm 221B, said in an email Sunday that the people behind the attack appear to come from the “OG” community, a group interested in short and original Twitter identifications such as @a, @ bo @ c, for example.

“Based on what we have seen, the motivation for Twitter’s latest attack is similar to the previous incidents we have observed in the OG community: a combination of financial incentives, technical fanfare rights, defiance and disruption,” Nixon wrote. “The OG community is not known to be linked to any nation state. Rather, they are a disorganized criminal community with a basic skill set, and they are a poorly organized group of serial scammers. ”

While this attack didn’t seem to go beyond bitcoin BTCUSD,
+ 0.17%
The ruse, at least for now, raises questions about Twitter’s ability to secure its service against electoral interference and misinformation before the United States presidential election.

“Entire markets and potentially elections can be manipulated or altered in this way,” said Nixon. “Victims of account acquisitions generally do not know that fraud has occurred, and generally cannot take security precautions to prevent it.”

.