You might have heard the news that Twitter was hacked and at the same time Bitcoin scam is also going on. Now it’s clear that Twitter hackers compromised employees’ phones to gain access to the employee panel or the tools.
In early reports, we knew that it was targeted on some employees through a phishing attack. In the same case, we also need to understand that this similar kind of attack can be done through emails as well.
Here the company has updated on their blog regarding the security incident,
The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
So now what? what they are doing to protect your data. In the 21st century, data is the most precious thing in the world. They have also said about securing your data.
- They have made limited access to their internal tools and systems.
- The main section of your data “Your Twitter Data” or the download feature has been impacted.
- They have even said they will be slower to respond to your reports, supports and etc… because now their main challenging part is to secure the system.
- They are increasing the investment in security protocols, techniques and mechanisms.
Hackers compromised Twitter’s system on July 15 for the bitcoin scam. Where they asked people to send bitcoin to a wallet for doubling their coin. Also for this scam, they used high profile accounts.