Twitter notifies Irish DPC about hack

Social media company Twitter has officially informed Ireland’s Data Protection Commissioner (DPC) of a cyberattack involving high-profile accounts.

The DPC is reviewing the notification and has yet to decide if to launch an investigation into the incident, according to media reports.

In a data breach last week attackers targeted around 130 accounts of global political and business leaders, reportedly including ex-US President Barak Obama, presidential candidate Joe Biden and businessman Elon Musk.

The hackers used the accounts they compromised to claim they would send $2,000 for every $1,000 sent to an anonymous Bitcoin address. 

Twitter says the attackers successfully manipulated a small number of employees and used their credentials to access internal systems, including getting through Twitter’s two-factor protections. 

For 45 of the targeted accounts, the hackers initiated a password reset, logged in, sent tweets and might have attempted to sell some of the usernames. The company locked the compromised accounts to regain control of them.

“We are continuing our investigation of this incident, working with law enforcement, and determining longer-term actions we should take to improve the security of our systems,” said Twitter.

 


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.