Hackers broke into the Twitter accounts of world leaders, celebrities and tech moguls on Wednesday in one of the most high-profile security breaches in recent years, highlighting a major flaw with the service millions of people have come to rely on as an essential communications tool.
The intent of the hack appeared to be to steal money from unsuspecting cryptocurrency enthusiasts — in particular, by using the compromised high-follower accounts to scam people out of Bitcoin. But it also raises questions about Twitter's ability to secure its service against election interference and misinformation ahead of the U.S. presidential election.
Here are some questions and answers about the breach:
What happened — and how?
On Wednesday afternoon, the Twitter accounts of famous figures began tweeting similar messages saying they were “feeling generous” and would double any Bitcoin payments sent to an address in the tweet. Among the individual accounts affected were former President Barack Obama, Democratic presidential candidate Joe Biden, tech billionaires like Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk and celebrities such as Kanye West and his wife, Kim Kardashian West.
Companies like Apple and Uber, which respectively have 4.6 million and one million followers, were also affected.
Twitter soon locked down many accounts, including those of its “verified” users with blue check marks next to their names — a group that include many U.S. politicians as well as businesses, celebrities, journalists and news organizations. Twitter called the hack a “coordinated social engineering attack" by unknown people who “targeted” Twitter employees with access to the platform's internal systems and tools.
The hackers, Twitter said, used this access to take control of many high-profile accounts and masquerade as their owners.
What is social engineering?
Essentially, social engineering means taking advantage of human nature. Examples include phishing attacks and other ways people can be tricked into giving out compromising information, malware attacks that get people to download malicious software, and compromising people by offering something in return for information. Twitter did not say how its employees were compromised.
Could the attack have been prevented?
Twitter said late Wednesday it has taken “significant steps” to limit employees’ access to internal systems and tools while its investigation is ongoing. But this is not the first time Twitter employees have wrecked havoc.
In 2017, a disgruntled employee deactivated President Donald Trump’s account for a few minutes. Last year, U.S. prosecutors charged two former Twitter employees with spying on user data for the government of Saudi Arabia. The incidents raise questions about Twitter’s internal security systems, and whether the company can trust employees with access to sensitive information.
What does the hack mean for the 2020 election?
The hack might be a simple demonstration of Twitter’s weak security controls as the U.S. heads into the 2020 presidential election, a contest in which social media is already playing a hugely influential role.
Among the political figures targeted, the hack mostly appeared to target Democrats or other figures on the left, drawing comparisons to the 2016 campaign. The White House said that President Donald Trump's account was secure and wasn't jeopardized.
U.S. intelligence agencies have established that Russia engaged in coordinated attempts to interfere in the 2016 U.S. election through social media tampering and various hacks, including targeting the campaigns and major party organizations.
While Twitter, Facebook and other social media companies have since tightened their election security systems and policies, malicious actors trying to intervene have also improved their tactics. In other words, if a Bitcoin scam was so easy to pull off, what will prevent an attack on the U.S. election?