Twitter notifies Irish DPC about hack

Social media company Twitter has officially informed Ireland’s Data Protection Commissioner (DPC) of a cyberattack involving high-profile accounts.

The DPC is reviewing the notification and has yet to decide if to launch an investigation into the incident, according to media reports.

In a data breach last week attackers targeted around 130 accounts of global political and business leaders, reportedly including ex-US President Barak Obama, presidential candidate Joe Biden and businessman Elon Musk.

The hackers used the accounts they compromised to claim they would send $2,000 for every $1,000 sent to an anonymous Bitcoin address. 

Twitter says the attackers successfully manipulated a small number of employees and used their credentials to access internal systems, including getting through Twitter’s two-factor protections. 

For 45 of the targeted accounts, the hackers initiated a password reset, logged in, sent tweets and might have attempted to sell some of the usernames. The company locked the compromised accounts to regain control of them.

“We are continuing our investigation of this incident, working with law enforcement, and determining longer-term actions we should take to improve the security of our systems,” said Twitter.

 


We’re now live at PrivSec Global!
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.

Register your virtual seat today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.

Secure your seat

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.