The hackers who last week compromised Twitter in a breach that saw the hijack high-profile accounts to promote a bitcoin scam have accessed the direct messages of 36 accounts.
According to a Twitter announcement published late Wednesday, its ongoing investigation of the 130 accounts the hackers accessed after gaining access to its internal systems found that up to 36 accounts may have seen the attackers access their inbox.
While these accounts weren’t disclosed to the public, Twitter revealed they include one elected official in the Netherlands. The Verge reports that anti-Islam politician Geert Wilders had his account hacked and retweeted conspiracy theories last week. Whether these incidents are related is unclear.
We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed.
— Twitter Support (@TwitterSupport) July 22, 2020
Twitter pointed out that it has “no indication” any other former or current elected official had their DMs accessed, likely referring to former U.S. President Barack Obama and current presidential candidate Joe Biden.
CoinDesk reports that its primary Twitter account was one of the 36 that was accessed and that it has yet to regain access to its account. The hackers were reportedly also able to access the email addresses, phone numbers, and possible “additional information” related to these accounts.
Twitter’s update comes a week after it suffered a major attack that saw hackers hijack dozens of high-profile accounts, including those of Elon Musk, Apple, Uber, CoinDesk, Binance, Bill Gates, Barack Obama, and more. The hack netted the attackers over $120,000 worth of bitcoin, which they have since moved to mixing services and tried to launder via gambling and peer-to-peer platforms.
Coinbase and other prominent cryptocurrency exchanges reportedly stopped their users from sending a lot more BTC to the hackers by blacklisting their address after realizing what was going on. The FBI is now investigating the case.
🔹130 total accounts targeted by attackers
🔹45 accounts had Tweets sent by attackers
🔹36 accounts had the DM inbox accessed
🔹8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified
— Twitter Support (@TwitterSupport) July 23, 2020
The fake bitcoin giveaway promoted after Twitter’s systems were breached could, according to security experts, have been a cover for other malicious activity.