In an update to its admission that professional hackers compromised its platform on July 15, social media giant Twitter said on Thursday that the hackers targeted employees by using a “phone spear phishing attack”.
In a statement on its blog, Twitter said that tweets were put out from 45 accounts of personalities such as former United States President Barack Obama, SpaceX founder Elon Musk and Microsoft co-founder Bill Gates, and that seven accounts had their full set of Twitter data downloaded. The direct message inbox of 36 accounts was accessed.
“Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes,” the company said. “This knowledge then enabled them to target additional employees who did have access to our account support tools.”
Twitter asserted that access to its proprietary tools, used to help with a variety of support issues as well as to review content in line with Twitter Rules, is limited to very few employees. “We have zero tolerance for misuse of credentials or tools, actively monitor for misuse, regularly audit permissions, and take immediate action if anyone accesses account information without a valid business reason,” the company claimed. Twitter said it is constantly updating and improving upon these tools and controls.
The social media company said it has directly contacted each of the affected accounts, and restored access to any accounts that were temporarily locked due to the security breach. It said it is working with law enforcement authorities to ensure that those who perpetrated the hack are brought to account.
The company added that it has “significantly limited access” to its internal tools and systems following the security breach. Therefore, some features on the website have been affected. “We will be slower to respond to account support needs, reported Tweets, and applications to our developer platform,” Twitter said. “We will gradually resume our normal response times when we’re confident it’s safe to do so.”
According to Bloomberg, the hackers contacted at least one Twitter employee over the phone to try to gain access to user support tools. Last week, Twitter employees had to take an online security training course, covering phishing techniques, including phone calls.