Twitter was forced on Wednesday to put a temporary lock on most, if not all, verified user accounts – which are designated with a blue check mark – after the platform fell victim to a massive hack that targeted some of the largest and most prominent accounts on the platform.
Some of the top accounts that were successfully hacked by an unknown entity included the accounts of Bill Gates, Elon Musk, Barack Obama, Joe Biden, Mike Bloomberg, Kanye West, Apple, Uber, Warren Buffett, Kim Kardashian, Cash App, Floyd Mayweather, and many others.
The accounts posted similar messages that instructed people to send cryptocurrency to the same bitcoin address.
“While it was unclear how the attacks originated or why they kept going, some cyber security experts speculated that someone may have gained access to internal Twitter controls that allowed them to take over accounts and post on their behalf,” The Washington Post reported. “Some of the people who were hacked specified they had turned on two-factor authentication and were using strong passwords, which typically makes any account more difficult to break into.”
People who had verified Twitter accounts were greeted with the following message if they tried to tweet after Twitter put the temporary lockdown in place:
This request looks like it might be automated. To protect our users from spam and other malicious activity, we can’t complete this action right now. Please try again later.
In a statement, the company said, “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly. You may be unable to Tweet or reset your password while we review and address this incident.”
You may be unable to Tweet or reset your password while we review and address this incident.
— Twitter Support (@TwitterSupport) July 15, 2020
Sen. Josh Hawley (R-MO) immediately sent a letter to Twitter CEO Jack Dorsey after Twitter failed to prevent the attack.
“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” Hawley wrote. “As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”
Hawley added, “Please reach out immediately to the Department of Justice and the Federal Bureau of Investigation and take any necessary measures to secure the site before this breach expands.”
— Josh Hawley (@HawleyMO) July 16, 2020
Hawley instructed Dorsey to answer the following questions:
- Did this event represent a breach of users’ own account security or of Twitter’s systems?
- Were accounts protected by two-factor authentication successfully targeted in this breach? If so, how was this possible?
- Did this breach compromise the account security of users whose accounts were not used to share fraudulent posts? If so, how many accounts were affected? Were all accounts’ security compromised by this breach?
- How many users may have faced data theft as a consequence of this breach?
- What measures does Twitter undertake to prevent system-level hacks from breaching the security of its entire userbase?
- Did this attack threaten the security of the president’s own Twitter account?
Twitter’s failure to protect the security of the platform comes after the company recently became more engaged in promoting leftist political activism on the platform.
Twitter has recently expressed support for Black Lives Matter, which has been criticized for allegedly being a neo-Marxist group, censored tweets from President Donald Trump that stated policy, and engaged in the social justice rewriting of the language that the company uses in internal documents.
I lead the @TwitterSupport team. I am so proud to work at a company that stands behind #BlackLivesMatter! We are here to help, in any way we can. Please don't hesitate to reach out during this time if you need help or support. I'm here. 👇🏾 pic.twitter.com/TT1hzwf2ub
— Donald Hicks (@DHicks) May 31, 2020
We’re starting with a set of words we want to move away from using in favor of more inclusive language, such as: pic.twitter.com/6SMGd9celn
— Twitter Engineering (@TwitterEng) July 2, 2020
We’ve placed a public interest notice on this Tweet for violating our policy against abusive behavior, specifically, the presence of a threat of harm against an identifiable group.https://t.co/AcmW6O6d4t
— Twitter Safety (@TwitterSafety) June 23, 2020
On the platform, users who had unverified accounts, or who had tweeted before the temporary lockdown was put in place, slammed Dorsey for the incident.
Bloomberg reporter Steven Dennis tweeted, “How soon until a Congressional committee chairman calls for a hearing with Jack Dorsey to explain how hackers were able to impersonate the most powerful people on earth over and over and over and over and over again on his platform?”
How soon until a Congressional committee chairman calls for a hearing with Jack Dorsey to explain how hackers were able to impersonate the most powerful people on earth over and over and over and over and over again on his platform?
— Steven Dennis (@StevenTDennis) July 15, 2020
Nathan Brand, who works for the NRSC, tweeted: “Under Jack Dorsey, Twitter is a disaster… – Security breaches – Censoring of the President of the United States – Banning conservatives – Promoting cancel-culture mobs.”
Under Jack Dorsey, Twitter is a disaster…
– Security breaches
– Censoring of the President of the United States
– Banning conservatives
– Promoting cancel-culture mobs
— Nathan Brand (@NathanBrandWA) July 15, 2020
Grabien founder Tom Elliott mocked the platform for its focus on promoting activism.
Am shocked they dropped the ball pic.twitter.com/xcWm5AGCYS
— Tom Elliott (@tomselliott) July 15, 2020
Congressional Leadership Fund Rapid Response Director Matthew Foldi mocked Dorsey in a tweet by posting a GIF of Facebook CEO Mark Zuckerburg, writing: “Look who’s knocking on your door, @jack”
— Matthew Foldi (@MatthewFoldi) July 16, 2020
Other random accounts also mocked Dorsey over the incident.
— Shahmeer Hashmat (@ShahmeerHashmat) July 15, 2020
Time for Jack Dorsey to go on another Myanmar retreat.
— Chris Olenik (@chrisolenik) July 15, 2020
Jack Dorsey logging on for the first time to check on his “product”. pic.twitter.com/OLBkZCpKVr
— Subtle Thought (@__IpsoFacto__) July 15, 2020