Twitter promises to add more security training and measures due to the massive hack on Wednesday (July 15) that hit 130 accounts including celebrities.
It has been reported by Twitter that it is continuing its investigation into the hack while it looks to provide more company-wide security training against social engineering tactics.
However, this will be in addition to cybersecurity coaching they get during onboarding and ongoing phishing exercises.
Around 130 accounts were compromised on Wednesday when hackers took over prominent Twitter accounts in a Bitcoin hoax. Those compromised included US presidential candidate Joe Biden, reality TV star Kim Kardashian, former US President Barack Obama, and billionaire Elon Musk as well as several crypto firms like Binance, Coinbase, Bitfinex, and Gemini.
As investigations continue, @Twitter vows more security training for employees and prevent another hack https://t.co/cNV9ytRz4x — Cointelegraph (@Cointelegraph) July 18, 2020
“We’re acutely aware of our responsibilities to the people who use our service and to society more generally. We’re embarrassed, we’re disappointed, and more than anything, we’re sorry. We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice. We hope that our openness and transparency throughout this process, and the steps and work we will take to safeguard against other attacks in the future, will be the start of making this right.”
Also, Twitter said that the hackers were able to view personal information like e-mail addresses and phone numbers although the social media platform noted previous account passwords were not accessed. Additional information from accounts taken over by the hackers may have been viewed as well.
Moreover, Twitter stated that the attackers targeted employees by using schemes intentionally manipulating them to perform certain actions and divulging confidential information.
Hackers used Twitter employees’ credentials to access internal systems, that’s why even accounts with two-factor protections were compromised. This affected only 130 accounts but hackers changed passwords to 45 of those accounts. Some usernames may have been sold.
A report from The New York Times said the hackers were a group of young people and they had planned the attack in a Discord server.
As per the report, Twitter said that forensic investigation into the hack continues and the company is fully cooperating with law enforcement. However, Twitter had been looking for senior security engineers before the breach.
Some users even found hidden messages in some transactions.
Thus, these transactions lead to wallets associated with Coinbase and BitPay.