More sensitive information from high-profile Twitter accounts hit by a cryptocurrency scam may have been accessed and could be leaked in the weeks ahead, cyber security experts have warned.
The accounts, which have large Twitter followings, were hacked simultaneously, and a message was posted from each encouraging users to send 1,000 dollars (£798) to a Bitcoin address to receive double in return.
Twitter has since confirmed that the attack was the result of a “social engineering” scheme by hackers who targeted Twitter staff with access to the site’s “internal systems and tools”.
The platform said it had restored most functionality and was continuing to investigate, but security experts have warned that as well as gaining access to the accounts to post the tweets, the hackers could have seen other private account information, for example, direct messages.
Dan Panesar, director of UK and Ireland at Securonix, said: “I think it would be highly likely that a number of credentials have been stolen by the attackers and we could see more accounts and sensitive information being leaked in the coming weeks.
“The Twitter hack looks like a classic case of insider threat. The insider’s behaviour can be malicious, complacent, or ignorant, which in turn amplifies the impact to the organisation, resulting in monetary and reputation loss.”
Twitter is yet to confirm if any other account data was affected by the attack.
But James McQuiggan, security awareness advocate at cyber security firm KnowBe4, agreed that while the attack itself was alarming, cyber criminals gaining access to Twitter’s internal and administrative tools and the high-profile accounts it oversees was “a much larger concerning notion”.
Targeted accounts included Microsoft founder Bill Gates, Democratic presidential candidate Joe Biden and Amazon billionaire Jeff Bezos.
West’s account was hacked twice in the space of an hour with the same message posted.
A number of company accounts, including those of Apple and Uber, were also hacked with the message posted.
Most of the tweets were deleted within minutes, but many had already been retweeted thousands of times.
Twitter founder and chief executive Jack Dorsey said in response to the incident: “Tough day for us at Twitter. We all feel terrible this happened.”
According to publicly available blockchain records on Thursday morning, the Bitcoin address linked to the scam had received more than 110,000 dollars (£88,000) from hundreds of transactions.
Twitter said it had taken “significant steps to limit access to internal systems and tools” while it continued its investigation into the incident.
But security experts have also urged Twitter and other social media platforms to consider tightening security measures around those staff who have access to accounts.