Two weeks after a massive breach saw hackers take over some of the most prominent accounts on Twitter — including Barack Obama, Elon Musk, Joe Biden and Bill Gates — the company has published more details about how it happened. While a number of people from the “OGUsers” gray market forum provided details about a “Kirk” who was the source of access to internal tools, it was unclear how they came by that access in the first place.
According to Twitter, the answer is a phone spear phishing attack that targeted a “small number” of employees who did not all have access to management tools. However, attackers then “used their credentials to access our internal systems and gain information about our processes.” Twitter didn’t confirm a report that the access came from finding logins for the admin tool in a Slack channel, but it didn’t quite rule that out either, nor did it provide any clarity about who may have been behind the initial attack.
Twitter also released more details about what the attackers did with that access — targeting 130 accounts, tweeting from 45, accessing the DM inboxes of 36 and copying account data from 7.
By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts - Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
— Twitter Support (@TwitterSupport) July 31, 2020
via engadget.com
0 Response to "Twitter pins its July 15th breach on a phone spear phishing attack"
Post a Comment