Survivalism & Self Sufficiency Topics > Communications

Twitter Has Biggest Security Breach in History - All Accounts May be Compromised

<< < (2/3) > >>

iam4liberty:
Maybe he should spend less time playing political games and more time doing his job like securing the platform from attacks.

Mr. Bill:
From Twitter Support, an hour ago:
https://twitter.com/TwitterSupport/status/1283591844962750464


--- Quote ---Our investigation is still ongoing but here’s what we know so far:

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.

Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.

We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.

This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.

We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.

Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
--- End quote ---

iam4liberty:
It took hours for twitter to regain control.  They likely downloaded all DMs for these accounts.

https://www.newsweek.com/twitter-bitcoin-hack-direct-messages-stolen-1518247
Twitter DMs of Obama, Musk and Biden Could Have Been Stolen in Hack, Experts Warn

Screenshots of a backend panel that were circulating on social media appeared to show the culprits had the ability to change the credentials of impacted accounts, which posed one big question: what else did hackers have access to, and for how long?

"Absolutely, 100 percent that the DMs could have been compromised," Jackie Singh, founder of Spyglass Security, told Newsweek. "I mean it looks like they had 'god mode' with seemingly few limitations and we don't know how long they had it for."

Stwood:

Wow. Wake up twitter................

I don't have an account there to worry about.

iam4liberty:
They likely had access for days.

https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/
Who’s Behind Wednesday’s Epic Twitter Hack?

In the days leading up to Wednesday’s attack on Twitter, there were signs that some actors in the SIM swapping community were selling the ability to change an email address tied to any Twitter account. In a post on OGusers — a forum dedicated to account hijacking — a user named “Chaewon” advertised they could change email address tied to any Twitter account for $250, and provide direct access to accounts for between $2,000 and $3,000 apiece.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version