Earlier today, Twitter was slammed with a hack that involved several high profile accounts simultaneously posting a Bitcoin wallet address and a scam domain, encouraging followers to send in some of their cryptocurrency. Though we’ve seen similar attacks in the past, none have been this large in scope — many major accounts were compromised, including ones belonging to Bill Gates, Elon Musk, Jeff Bezos, Joe Biden, and Apple. Now Twitter is back with an update.
Around 5:45 PM ET on July 15, Twitter published a tweet on its Support account stating that it was aware of the ‘security incident’ and it was investigating. At the time, Twitter disabled the ability for users to reset their passwords while it tried to track down how the hackers managed to get into all of these accounts — as expected, ordinary users couldn’t change their passwords as a result.
In its most recent update around 7 PM ET, Twitter said that it is still limiting users’ ability to publish tweets and reset their passwords. As well, ‘some other account functionalities’ have also been limited as the company investigates the cause of this issue. No additional official details have been provided by Twitter, but sources are already alleging what went wrong.
In a report on Wednesday, VICE claimed that hackers are passing around screenshots of an internal admin tool used by Twitter — the same tool the sources allege was used to pull off this latest hack. What remains unknown is whether the illicit use of this tool — assuming the sources are correct — was performed by a Twitter employee or someone else who somehow got access to the control panel.
The issue highlights concerns over the potential consequences of security breaches involving major tech companies. Hackers could potentially hijack accounts as in this example, while other concerns revolve around the potential for intruders to get access to sensitive private information about users.