On Wednesday, Twitter responded to last week’s hack of over 100 very high-profile accounts that the hackers have read the personal messages of 36 accounts. One of the accounts belonged to Netherland’s elected official Geert Wilders.
Twitter said that the social engineering attack also gave hackers access to internal systems and tools. In a tweet and blog post update on the security incident they said that “for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox.”
It’s not clear from Twitter’s announcement. Despite the method which was used, it to help attached gain access to DMs for some time, or at least maybe the hackers didn’t avail themselves of the opportunity for the remaining 94 accounts. Previously, the company has said that they don’t have any evidence that passwords were accessed by hackers.
While Twitter’s messaging system is infamously not well encrypted, however, it remains unclear if reported administrative tools used by the attackers offered access to inboxes. The company declined to provide any details on the immediate aftermath of the attack including sharing any information regarding accessing DMs.
The company has gone forwards to assure users saying that it had “no indication that any other former or current elected official had their DMs accessed.” This is good news considering the accounts of Barack Obama and Joe Biden were among those affected.
Previously, Twitter has claimed the attackers tweeted from 45 verified accounts including that of well-known names as CEOs Elon Musk, former Vice President Joe Biden, and Bill Gates.