Twitter said late Friday that hackers who hijacked the accounts of high-profile users, including former US President Barack Obama and Microsoft founder Bill Gates, to tweet out a bitcoin scam this week also downloaded the data from as many as eight accounts.
The company did not name who owned the accounts, but said they weren’t verified. Obama, Gates and other famous users such as Tesla CEO Elon Musk and rapper Kanye West who had their accounts compromised have verified Twitter accounts. When a user downloads their Twitter data, it includes direct messages, photos, videos, their address book and other information.
“In cases where an account was taken over by the attacker, they may have been able to view additional information,” Twitter said in a blog post on Friday night. “Our forensic investigation of these actions is still ongoing.”
Politicians and cybersecurity experts have raised concerns in the wake of the widespread hack that the direct messages of some of the most powerful people in the world may have been accessed during the attack on Wednesday. If there’s sensitive information in these messages, hackers could use it for blackmail or ransomware. Twitter’s direct messages aren’t end-to-end encrypted; such encryption would have prevented employees from reading the private messages.
On Thursday, Twitter said that the company believes that hackers targeted the Twitter accounts of 130 users. Twitter said Friday that hackers were able to reset the passwords of 45 accounts, giving them the ability to log into the accounts and tweet. The attackers may have tried to sell some of the usernames as well.
The company said it believes the attackers weren’t able to view a user’s previous passwords. They were able to view personal information including email addresses and phone numbers, Twitter said.
Twitter declined a request for a full list of the targeted accounts in light of its ongoing investigation, in which it is “continuing to assess whether non-public data related to these accounts was compromised.”
Even though Twitter has faced the problem of cryptocurrency scams in the past, the scale of Wednesday’s attack is new, casting a spotlight on the potential security vulnerabilities of the popular social media platform. Twitter said it thinks that attackers were able to bypass the account’s security protections such as two-factor authentication after they “successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems.” The company did not say if the employees were tricked into handing over these credentials or were bribed.
On Wednesday, the accounts of dozens of internationally well-known figures spanning tech, politics and entertainment posted similar tweets soliciting donations through Bitcoin. Apple, Uber and other businesses were also caught up in the sprawling hack, which Twitter later attributed to a social engineering attack on its employees.
“Everyone is asking me to give back, and now is the time,” a now-deleted tweet from Gates’ account said, pledging to double all payments to a Bitcoin address for the following 30 minutes.
Here is the scam tweet sent from Bill Gates’ account. (The Bitcoin address has been removed from this screenshot.)
“I’m feeling generous because of Covid-19,” Musk’s tweet said. “I will double any BTC payment sent to my BTC address for the following hour. Good luck, and stay safe out there!” All the tweets were subsequently deleted, and verified Twitter accounts, those with a blue check, were briefly silenced.
In addition to Twitter, the FBI also announced the launch of a probe into the hacking incident.