Twitter says Bitcoin hackers gained access to its ‘internal systems and tools’
  • Twitter said Wednesday that a “coordinated social engineering attack” was behind a hack that compromised high-profile accounts.
  • The attack “successfully targeted some of our employees,” the company said, giving hackers access to “internal systems and tools.”
  • The company appeared to discount allegations that the attack was knowingly enabled by one of its employees, as one outlet had claimed.
  • A Twitter spokesperson told Business Insider that the company’s “investigation continues and we hope to have more to share there soon.”
  • Visit Business Insider’s homepage for more stories.

Twitter announced Wednesday that hackers had targeted its employees, enabling them to access “internal systems and tools” that led to the compromise of some of the most popular accounts on the social network.

The company said a “coordinated social engineering attack” had “successfully targeted some of our employees.” This appears to contradict with a report from Motherboard that alleges that the hack was knowingly enabled by one of its workers. The outlet’s claim was based on an interview with a purported hacker, and it has not been confirmed.

Asked about the Motherboard story, a Twitter spokesperson told Business Insider that the company’s “investigation continues, and we hope to have more to share there soon.”

The attack began Wednesday with several high-profile accounts, from Joe Biden to Kim Kardashian, posting links to a Bitcoin account. Users were asked to send the account money — and promised they would receive twice as much back.

The perpetrators claim they made more than $118,000.

The hack revealed that Twitter employees enjoy a good deal of control over users’ accounts — raising questions about security beyond what a user can access. The internal tools that were exploited allow employees to both suspend accounts and reset the email addresses associated with them.

“Internally,” the company said Wednesday, “we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing.”

In 2017, a contractor working with Twitter’s Trust and Safety division was able to shut down President Donald Trump’s account for 11 minutes after it was reported. And in 2019, two former Twitter employees were charged by the Department of Justice with spying for Saudi Arabia by mining personal information from accounts.

Alex Stamos, director of the Stanford Internet Observatory, gave The New York Times several theories for how the hackers could have accessed the account and said that it appeared to have come internally from Twitter’s system, as opposed to users’ individual accounts being compromised through a password.

“It could have been much worse,” Stamos said. “We got lucky that this is what they decided to do with their power.”

Have a news tip? Email this reporter:

Read More