Twitter hack, a good breach that hit 130 accounts, highlights flaw with platform
Twitter says the hack that compromised the accounts of a few of its most high-profile users targeted 130 people. The hackers were able to reset the passwords of 45 of these accounts.
The San Francisco-based company said in a blog page post Saturday that for eight of these accounts the attackers also downloaded the account’s information through the “Your Twitter Data” tool. None of the eight had been verified accounts, Twitter explained, adding that it is contacting the owners of the afflicted accounts.
“We’re embarrassed, we’re disappointed, and more than anything, we’re sorry. We realize that we must do the job to regain your trust, and we'll support all efforts to get the perpetrators to justice,” Twitter explained in the blog post.
The July 17 attack broke into the Twitter accounts of world leaders, celebrities and tech moguls in another of the virtually all high-profile security breaches recently. The attackers delivered tweets from the accounts of the general public figures, giving to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.
It highlighted a significant flaw with the service millions of individuals have come to rely on as an important communications tool.
Allison Nixon, chief research officer in cybersecurity organization 221B said within an email Sunday that the people behind the attack may actually attended from the “OG” community, an organization interested in main, short Twitter handles such as @a, @b or @c, for example.
“Based upon what we've seen,the motivation designed for the newest Twitter attack is comparable to previous incidents we've observed in the OG community _ a mixture of financial incentive, specialized bragging rights, challenge, and disruption,” Nixon wrote. “The OG community is not known to be tied to any nation status. Rather they certainly are a disorganised crime community with a simple skillset and so are a loosely organised band of serial fraudsters.”
While this attack didn't appear go beyond the Bitcoin ruse _ at least for the present time _ it raises questions about Twitter’s capability to secure its services against election interference and misinformation prior to the U.S. presidential election.
“Entire markets and potentially elections could be manipulated or perhaps altered in this manner,” Nixon said. “Victims of account takeovers generally have no idea that the fraud possesses happened, and generally cannot take security precautions to prevent it.”