This archive report was first published on 31 July 2020.
On July 31, 2020, Twitter disclosed that a recent breach of its internal systems was caused by a targeted spear-phishing attack on a small number of employees.
The attackers used a phone-based spear-phishing technique to target specific employees with access to account support tools, ultimately gaining access to Twitter's internal systems on July 15.
As a result, hackers were able to tweet from 45 accounts, access the inbox of 36, and download data from seven Twitter accounts.
The hackers also targeted prominent users, including US presidential candidate Joe Biden, reality TV star Kim Kardashian, former U.S. President Barack Obama, and billionaire Elon Musk, using their accounts to solicit digital currency.
According to publicly available blockchain records, the scammers received over $100,000 worth of cryptocurrency.
Twitter has since restricted access to its internal tools and systems, but the incident highlights the vulnerability of social media platforms to targeted attacks.