IP Clarity Ltd - Scotland Cyber Security Provider


Twitter breached - major cyber attack 16th July - all users impacted

A major cyber attack on Twitter is being reported by various news outlets: high-profile celebrity Twitter accounts were taken over and used to post messages requesting money.

What is unusual is that Twitter employees appear to have been socially engineered into giving the attackers access to internal staff administration tools, which gave the attackers direct control over accounts through Twitter's own core systems rather than through the account holders' credentials.

This is very serious and concerning for all Twitter users.

Please check the advice from Twitter, reset your password immediately and make sure you have two-factor authentication (2FA) switched on. This applies to all Twitter personal and business accounts. Be aware that because the attackers went through Twitter's internal tools rather than through users' passwords, a reset and 2FA will not by themselves undo this incident; they do, however, protect your account against the credential-based attacks and password-reuse attempts that typically follow a breach of this kind.

If you have reused your Twitter password anywhere else, change it there too, using a different password for each account.

Be aware of potential scams on Twitter: treat any message asking for money or linking to an external website with suspicion, and check before you click.

The UK National Cyber Security Centre has published guidance on this:

An NCSC statement on the reported attack on Twitter (16th July 2020)

We are aware of a cyber attack on Twitter and have reached out to the company.

While this appears to be an attack on the company rather than individual users, we would urge people to treat requests for money or sensitive information on social media with extreme caution.

The NCSC has recently produced guidance for organisations on protecting what they publish on social media, and more widely we would remind people of our advice on staying secure through measures such as strong passwords and turning on two-factor authentication (2FA).

Further information

  • The company has published a thread that is updating users about the incident. At 3.38am they tweeted to say they have locked accounts that were compromised and will restore access to the original account owner only when they are certain they can do so securely.

  • Twitter have said that they detected what they believe to be a co-ordinated social engineering attack by people who successfully targeted some of their employees with access to internal systems and tools. The NCSC has published advice for developers here and on protecting management interfaces here.

  • The company has said the attackers used this access to take control of many highly-visible accounts and tweet on their behalf.