The Twitter accounts of major companies and individuals were compromised on Wednesday in one of the most widespread and confounding breaches the platform has ever seen, all in service of promoting a bitcoin scam that earned its creators nearly $120,000.
Multiple law enforcement investigations, including one from the Federal Bureau of Investigation, are now actively probing the situation over far a deeper concern: that the exploited vulnerability in Twitter’s systems — a result it seems of mid-level employees having powerful access to site-wide admin tools that can fall into the wrong hands — has exposed serious security risks for the platform’s most powerful users. Lawmakers are hounding Twitter for more transparency around the incident, and it seems likely the attack will have longstanding consequences not just for Twitter’s own internal tools and security, but for the broaden cybersecurity industry and every high-profile Twitter user on the platform, too.
We still don’t know how exactly the hack happened or even to what extent Twitter’s own systems were compromised. But following the unprecedented hacks of accounts including President Barack Obama, Joe Biden, Elon Musk, Bill Gates, Kanye West, Michael Bloomberg, and Apple, Twitter took the drastic step of blocking new tweets from every verified user, compromised or no, as well as locking all compromised accounts.
One notable exception in the attack was the account of President Donald Trump. The New York Times is now reporting that Trumps’s account has special protections in place following past incidents — including when a third-party Twitter contractor used internal company tools to deactivate the president’s account in 2017. Those protections may have spared Trump’s account from being taken over, although it is not clear right now whether the hackers even attempted to assume control of his account.
Regardless, the national and international security implications of the Twitter attack are now becoming frighteningly clear, as hackers could have caused far more serious damage with access to such high-profile accounts.
Twitter says it won’t restore access to their owners “until we are certain we can do so securely.” As of Thursday, the company is still working to restore access to locked accounts, although it has confirmed that no password information was stolen by the hackers in control of the affected accounts, seemingly all of which were verified accounts belonging to high-profile companies and individuals. Twitter says that around 130 accounts were targeted, with the attackers managing to take control of a “small subset” of those. Even some accounts not affected by the attack remain locked, as Twitter continues its investigation. Twitter has not yet disclosed whether private and sensitive direct message threads were compromised as part of the account…