Twitter just released an update on the massive hack that prompted the Great Blue Tick Silence of 2020, letting us know exactly how many accounts were actually impacted.
On July 15, hackers posted tweets from several prominent, verified Twitter users’ accounts, falsely claiming that any bitcoin sent to a certain address would be paid back in double. The scam netted the hackers 400 payments with a total value of $121,000 — a tidy sum for a handful of tweets.
Now, Twitter has revealed what it’s learned about how this hack took place, stating that it “relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to [Twitter’s] internal systems.”
“The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack,” wrote Twitter in a blog post on Thursday. “A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools.
“Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers us