A recent cyberattack that targeted several prominent Twitter users is sparking fears about the platform’s security and the safety of users’ data.
Sen. Josh Hawley (R-Mo.) penned a letter to Twitter’s CEO Jack Dorsey to inquire about the hack and if users’ personal data was stolen.
“As I write, Twitter seems to be experiencing a large-scale cyberattack, as illustrated by a number of posts inviting users to transfer Bitcoin under fraudulent pretenses,” Hawley wrote.
He noted that some of the prominent accounts affected by the hack included former President Barack Obama, Democratic presidential nominee Joe Biden, billionaire Elon Musk, Apple, and Uber.
Hawley said he was concerned that the hack was not just “a coordinate set of separate hacking incidents but rather a successful attack on the security of Twitter itself.”
He went on to ask Twitter to contact the Department of Justice and the Federal Bureau of Investigation (FBI) regarding the hack. Then he asked Twitter to respond to some questions of his own.
Hawley asked if the hack comprised users’ accounts’ security or Twitter’s security, if accounts with two-factor authentication were “successfully targeted,” and if they were, “How as this possible?”
Additionally, he asked if the account of users who did not share the fraudulent posts were breached.
Hawley also asked, “How many users may have faced data theft as a consequence of this breach?”
And finally, he asked, “Did this attack threaten the security of the President’s own Twitter account?”
Read Hawley’s letter below:
.@jack @Twitter work with the FBI and DOJ to secure your platform. Now. Then give the public an accounting of how much of their personal info you lost today pic.twitter.com/Yn2q4Yr8Xx
— Josh Hawley (@HawleyMO) July 16, 2020
On Wednesday night, Twitter released a series of tweets addressing “what we believe to be a coordinated social engineering attack.”
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” the platform added.
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
— Twitter Support (@TwitterSupport) July 16, 2020
In response to the breach, Twitter paused the ability of verified accounts from publishing messages until it determined it was safe to restore access to the accounts.
The FBI’s office released a statement on the incident, “We are aware of today’s security incident involving several Twitter accounts belonging to high profile individuals.”
“The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud. We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident,” the statement added.
