In a significant development, the twitter account of high-profile figures, including U.S tech entrepreneur Elon Musk, Bill Gates, Jeff Bezos, reality TV star Kim Kardashian, U.S. presidential candidate Joe Biden, former U.S. President Barack Obama, among many others have been hacked and used to solicit digital currency.
In a sign that marks the seriousness of the issue, even hours after the first wave of hacks, the cause of the breach has yet to be made public. Twitter has however taken the extraordinary step of preventing at least some verified accounts from publishing any messages.
Twitter is yet to be determined whether all verified users have been affected, but if that is the case, it would have a huge impact on the social media platform as well as its users.
Verified users include prominent politicians, heads of state, emergency services, celebrities, news agencies as well as journalists.
In a statement Twitter said, most affected users had their ability to tweet restored hours within hours. It has however cautioned that account functionality “may come and go” as it continues to work towards a solution.
Twitter’s CEO Jack Dorsey said the company was diagnosing the problem and pledged to share “everything we can when we have a more complete understanding of exactly what happened,” while adding “Tough day for us at Twitter. We all feel terrible this happened”.
The scope of the problem suggests that hackers had managed to gain access to Twitter’s computers at the system level rather than break into individual accounts separately. Although account comprises on Twitter are not rare, experts are however concerned over the sheer scale and coordination of the hack.
“This appears to be the worst hack of a major social media platform yet,” said Dmitri Alperovitch, co-founder of CrowdStrike, a cybersecurity company.
U.S. Congressman Frank Pallone, chairman of the House energy and commerce committee, was quick to call on Twitter saying it should account for what went wrong.
“Twitter needs to explain how all of these prominent accounts were hacked,” said Pallone in a tweet.
“It is highly likely that the attackers were able to hack into the back end or service layer of the Twitter application,” said Michael Borohovski, a director at Synopsys, a software engineering and security company.
He went on to add, “If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction”.
With the news reaching the media, Twitter’s shares tumbled by nearly 5% after the closure of the market before paring their losses.
According to publicly available blockchain records, the apparent scammers have received more than $100,000 in cryptocurrency.
The hack has highlighted issues revolving around Twitter’s cybersecurity.
“It’s clear the company is not doing enough to protect itself,” said Oren Falkowitz, former CEO of Area 1 Security.