On Friday evening, Twitter issued its first full blog post about what happened after the biggest security lapse in the company’s history, one that led to attackers getting hold of some of the highest profile Twitter accounts in the world – including Democratic presidential candidate Joe Biden, President Barack Obama, Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Kanye West, Michael Bloomberg, and more.
The bad news: Twitter has now revealed that the attackers may indeed have downloaded the private direct messages (DMs) of up to 8 individuals while conducting their Bitcoin scam, and were able to see “personal information” including phone numbers and email addresses for every account they targeted.
They may even have DMs that the 8 individuals deleted, given that Twitter stores DMs on its servers as long as either party to a conversation keeps them around – we learned last February that you can retrieve deleted DMs by downloading the “Your Twitter Data” archive, even if you’ve deleted them yourself. The archive can also include other personal information like your address book and any images and videos you may have attached to those private messages as well.
Twitter says that attackers may have downloaded that entire “Your Twitter Data” archive for those 8 individuals.
The good news: none of those 8 accounts were verified users, meaning that none of the high-profile individuals targeted had their data downloaded. It’s still possible that the hackers looked at their DMs, but no, Democratic presidential candidate Joe Biden and others probably didn’t just get their DMs stolen outright.
According to Twitter, hackers targeted 130 accounts, successfully triggered a password reset, logged in, and tweeted from 45 of them, and only attempted to download data for those “up to eight” non-verified accounts.
But even for the 130 accounts, including high-profile ones like the Democratic presidential candidate, Twitter says the attackers may have been able to see personal information. For example, Twitter also allows logged-in users to see a history of the locations and times at which they have logged in.
There are many, many questions and serious investigations still ahead.
You can read Twitter’s full blog post here.