Twitter has revealed even more frightening facts from the ongoing investigations after some hackers had access to sensitive data on its network. The microblogging company said hackers were able to access the DMs of up to 36 accounts, including that of an elected official from the Netherlands.
In a tweet on Wednesday, the microblogging company said while its investigation continues, it wanted to be more specific about the type of information the hackers had access to.
“We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 selected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed.”
The name of the Dutch elected official affected by the hack remains anyone’s guess, but a local media had last week reported that far-right, anti-Islam politician Geert Wilders, had his account hacked. Speculations were further fueled by a hacker who was interviewed on Dutch Radio who claimed to have access to Wilder’s DMs at the time.
Last Thursday, Twitter issued its first full official statement following last week’s hack that affected a lot of its users including some high-profile accounts. In its first full blog post since the incident occurred, the microblogging platform said the attackers may indeed have downloaded the direct messages of up to eight users while carrying out their act. Sadly too, the hackers also had access to phone numbers, email addresses of every account they targeted.
Twitter said hackers were able to gain access to their targets through a social engineering scheme. Social engineering in this case, is a situation where some Twitter staff were intentionally manipulated to perform “certain actions and divulging confidential information.”
We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed.
— Twitter Support (@TwitterSupport) July 22, 2020
Following the manipulation, hackers, according to Twitter, were able to access tools only restricted to its internal support teams. This gave them access to 130 Twitter accounts, and thus initiated a password reset, login to the account, and sent tweets. While this may sound worrying, it gets even worse as Twitter said it is still conducting its forensic review of all of the accounts to confirm all actions that may have been taken by the hackers.
Yet more disturbing details of what took place behind the scene were revealed in the blog post by the microblogging platform as it said hackers now have access to account information of eight unverified users. The hackers were able to do this through your “Your Twitter Data;” a tool designed to provide you with a summary of your Twitter account details and activity.