The perpetrators of the megahack at social network service Twitter, the day before yesterday, tried to attack about 130 accounts. A small part of them managed to take over the profiles and post tweets. Twitter states that it is cooperating with the victims and that it is investigating whether “non-public data” has been captured.
The hackers claim they had access to private messages from the victims. They took over the accounts of US presidential candidate Joe Biden, former president Barack Obama, rapper Kanye West, socialite Kim Kardashian, businessmen like Bill Gates, Jeff Bezos and Elon Musk as well as companies like Apple and Uber. They used them to entice people to transfer bitcoins. On the accounts suddenly appeared calls to transfer bitcoins to a virtual account to get more bitcoins back.
One or more Twitter employees gave the hackers access to the internal systems behind the service. This allowed them to disable the security of the accounts.
According to experts, the perpetrators with access to accounts of prominent Americans could have caused much more chaos. Twitter says it is taking “aggressive measures” to secure its systems and is figuring out what is needed in the long run.
The US national police service FBI is investigating, Reuters news agency reported last night on the basis of insiders. The US parliament, meanwhile, is demanding clarification from the company of the startling security incident. Twitter should provide text and explanations in a week, but the company says it has no evidence that hackers had access to passwords.
Twitter said it has no evidence that hackers also had access to passwords. “We do not currently think it is necessary to change your password,” the messaging agency said after yesterday’s incident.
Twitter says that precautionary accounts have been locked that have attempted to change the password in the past 30 days. If people don’t get access to their account, it doesn’t automatically mean that the hackers struck there. The company wants to give people back control of their accounts as soon as possible, but that may take a while because it requires checking whether access is granted to the rightful owner.