Twitter has provided yet another update in its investigation into its Wednesday security incident when a group of hackers breached its backend and started a cryptocurrency scam by using high-profile and verified accounts of Bill Gates, Joe Biden, Barack Obama, Elon Musk and tech companies like Apple and Uber.
Twitter said on Wednesday that the hackers were also able to access 36 direct message inboxes, including one for an elected official in the Netherlands.
Twitter also said that “To date, we have no indication that any other former or current elected official had their DMs accessed”.
Below is the complete timeline of Twitter hack:
- The security incident took place on Wednesday, July 15, 2020.
- Once the hack came to light on Wednesday, Twitter said it blocked all verified accounts from tweeting as it investigated.
- Twitter said hackers used social-engineering to gain access to Twitter employee ac-counts.
- Twitter said hackers got "through" their two-factor protections.
- As per twitter, once hackers accessed the Twitter backend, they used Twitter's own in-ternal tech support tools to interact with 130 accounts in total.
- In those 130 accounts, for 45 accounts, hackers initiated a password reset, logged into the account, and sent new tweets to promote their cryptocurrency scam.
- Twitter said it believes hackers also tried to sell access to some hijacked Twitter ac-counts, due to highly-coveted usernames.
- As per Twitter, hackers were also able to view information such as email addresses and phone numbers for the targeted accounts.
- For eight accounts, hackers downloaded account data through the "Your Twitter Data" feature.
- Twitter said hackers accessed direct messages (DMs) for 36 accounts, including 1 elect-ed official in the Netherlands.