Twitter says attackers accessed inbox of 36 accounts in widespread hack

That includes the Twitter direct messages of an elected official in the Netherlands.

Sareena Dayaram Senior Editor
Sareena is a senior editor for CNET covering the mobile beat including device reviews. She is a seasoned multimedia journalist with more than a decade's worth of experience producing stories for television and digital publications across Asia's financial capitals including Singapore, Hong Kong, and Mumbai. Prior to CNET, Sareena worked at CNN as a news writer and Reuters as a producer.
Expertise Huawei, Oppo, smartphones, smartwatches Credentials
  • More than a decade of journalism experience
Sareena Dayaram
3 min read
James Martin/CNET

A week after hackers hijacked dozens of high-profile Twitter accounts including former US President Barack Obama and Microsoft founder Bill Gates , the social media company revealed Wednesday that attackers managed to gain access to the direct messages of 36 of those accounts.

The social media company also said the Twitter inbox of one elected official in the Netherlands had been accessed, but that there was "no indication that any other former or current elected official had their DMs accessed." It's unclear whether the attackers were able to compose and send messages to other users, in addition to being able to view direct messages. 

The Twitter accounts of 130 users were targeted as part of a bitcoin scam last Wednesday, when hackers posted tweets soliciting donations via bitcoin  after taking control of those accounts. The accounts targeted included dozens of internationally famous figures spanning politics, tech and entertainment. 

Although Twitter has run into problems with cryptocurrency scams in the past, the scale of this hack appears unprecedented, drawing international scrutiny to the security vulnerabilities of one of the world's most popular social media platforms. Twitter declined a request for a full list of the targeted accounts, citing its ongoing investigation. 


Twitter CEO Jack Dorsey tweeted this thread in the aftermath of July's sprawling hack.

Screenshot by Sareena Dayaram/CNET

"Everyone is asking me to give back, and now is the time," read a tweet from Gates' account, which promised to double all payments to a Bitcoin address for the next 30 minutes.

A tweet from Tesla CEO, Elon Musk said, "I'm feeling generous because of Covid-19," Musk's tweet said. "I'll double any BTC payment sent to my BTC address for the next hour. Good luck, and stay safe out there!" 

All tweets were subsequently deleted and verified Twitter accounts, those with a blue checkmark, were temporarily silenced as part of the company's initial responses to the hack. Still, the brazen hack along with Twitter's response have sparked fresh concerns from cybersecurity experts that social media platforms, which have become an increasingly important source of news and information, are unable to keep their operations secure.

Last Friday, Twitter disclosed that 45 accounts had tweets sent out by attackers and eight non verified accounts had data downloaded from them. Obama, Gates, Musk and other VIP users such as Amazon founder Jeff Bezos and rapper Kanye West, who had their accounts compromised, all have verified Twitter accounts. When users download their Twitter data, it includes photos, videos, an address book and other information -- and even direct messages, which means hackers have been privy to a total 44 Twitter inboxes.

Twitter believes that the attackers were able to circumvent security protections after they "successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems." The company didn't disclose if the employees were tricked into handing over these credentials or were bribed.

More than a thousand Twitter employees and contractors may have had access to the internal tools that could change account settings and hand over control to other people, Reuters reported. Access to accounts for national leaders was reportedly limited after a contract employee in 2017 briefly deactivated President Donald Trump's account