Although less scandalous compared to Facebook, Twitter has had its fair share of PR messes that involved security, privacy, safety, and free speech over the years. Last week, however, it found itself in what may be the company’s highest-profile scandal yet, especially considering it involved the hacking of very high-profile accounts. Unsurprisingly, the company has been very careful in what it disclosed about the hacking incident and has only now admitted than dozens of these high-profile accounts, including one from an elected official in the Netherlands, had their private direct messages accessed by the culprits.
It all started with a very obvious bitcoin scam that wouldn’t have gotten so much attention had it not involved the Twitter accounts of the likes of Elon Musk, Jeff Bezos, Apple, Uber, and more. Twitter later disclosed that 130 accounts were compromised by the hacking incident, including the Netherland official, but the situation may have actually been worse than initially reported.
The social media giant just now revealed that of those 130 accounts, 36 had their DMs accessed. What the hackers did with that data is still unknown as is the reason for not having accessed all 130 accounts’ messages. Twitter’s direct messaging system offers no encryption protection so it’s more surprising that the hackers only got to 36.
This might be the most damning revelation considering it has given the hackers access to potentially intimate discussions. Most of what the hackers have been able to get away with included personal information, phone numbers, and email addresses, important yet almost too common data that get stolen in hacking incidents.
Twitter has squarely blamed the matter on social engineering that tricked Twitter employees into handing over credentials that were then used to access the company’s internal systems. Twitter is already under heavy criticism and scrutiny over the hacking incident but this new information could land it in even more trouble with governments.