Twitter says that up to 8 accounts stole your personal data in a massive hack


Twitter (TWTR) He said in a blog post that the hackers had downloaded the data using a tool that includes a private message file. The company said these eight accounts were not verified accounts, meaning the highest-profile figures affected by this week’s hack have not been downloaded. However, it is unclear whether your data, including private messages, was accessed in other ways.

The jaw-dropping hack compromised VIP accounts ranging from former President Barack Obama and presumed Democratic presidential candidate Joe Biden to billionaire businessmen Elon Musk and Jeff Bezos. Influential accounts were used to promote a Bitcoin scam.

As serious as the security incident was, some cybersecurity experts and policymakers feared that the scam could mask a far more troubling data breach involving the personal communications of some of the world’s most powerful people. Twitter’s latest update could alleviate that particular concern, though the company hasn’t precisely said what, if any, information was accessed through verified accounts.

Twitter said the attackers had attacked 130 accounts. Of these, 45 accounts were successfully breached, Twitter said.

The company also said Friday night that several of its employees had been attacked by hackers to gain access to internal systems.

“Attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including through our two-factor protections. As of now, we know they have accessed tools that are only available to our internal support teams, “said Twitter. .

Members of Congress, cybersecurity experts and Twitter itself have been searching for answers on how the hack happened.

Federal investigators are looking at images circulating online with the intention of showing a screenshot of a Twitter internal control system connected to the hack, law enforcement sources told CNN. The tool seemed to include the ability to change the email address associated with a Twitter account, which could allow a Twitter account to be taken.

Twitter has removed the tweets with the images from its platform, according to the people who have posted them. A Twitter spokesperson told CNN on Friday that it was removing images that included personal or private information.

The spokesman did not say whether the images actually showed an internal Twitter system, citing Twitter’s ongoing investigation.

The former Twitter employees told CNN they acknowledged that the images showed an internal control system, sometimes referred to by Twitter staff as “agent tools.” This internal tool is designed for employees to handle customer service requests and moderate content, said a person familiar with Twitter security.

A Twitter spokesperson confirmed that the company has been in contact with the FBI.

.