Twitter silences some verified accounts after wave of hacks

WASHINGTON (Reuters) – A series of high-profile Twitter (TWTR.N) accounts were hijacked on Wednesday, with some of the platform’s top voices – including U.S. presidential candidate Joe Biden, reality television show star Kim Kardashian, former U.S. President Barack Obama, billionaire Elon Musk, and rapper Kanye West, among many others – used to solicit digital currency.

FILE PHOTO: Democratic U.S. presidential candidate and former Vice President Joe Biden speaks about his plans for tackling climate change during a campaign event in Wilmington, Delaware, U.S., July 14, 2020. REUTERS/Leah Millis

The cause of the breach was not immediately clear and – more than an hour after the first wave of hacks – Twitter took the extraordinary step of preventing at least some verified accounts from publishing messages altogether.

It was not clear whether all verified users were affected but, if so, it would have a huge impact on the platform and its users. Verified users include celebrities and journalists, but also governments, politicians and heads of state.

Twitter didn’t offer clarification but said in a statement that users “may be unable to tweet or reset your password while we review and address this incident.”

The unusual scope of the problem suggested that it was not limited to a single account or service. While account compromises are not unusual, experts were surprised at the sheer scale and coordination of Wednesday’s incident.

“This appears to be the worst hack of a major social media platform yet,” said Dmitri Alperovitch, who co-founded cybersecurity company CrowdStrike.

Twitter told Reuters just before 5 p.m. EDT that it was investigating what it later called a “security incident” and would be issuing a statement shortly. However, more than an hour-and-a-half later, the company had still not issued any explanation for what had happened.

Shares in the social media company tumbled almost 5 percent in trading after the market close before paring their losses.

Earlier, some of the platform’s biggest users appeared to be struggling to re-establish control of their Twitter accounts. In the case of billionaire Tesla (TSLA.O) Chief Executive Elon Musk, for example, one tweet soliciting cryptocurrency was removed and, sometime later, another one appeared, and then a third.

Among the others affected: Amazon (AMZN.O) founder Jeff Bezos, investor Warren Buffett, Microsoft (MSFT.O) co-founder Bill Gates, and the corporate accounts for Uber (UBER.N) and Apple (AAPL.O). Several accounts of cryptocurrency-focused organizations were also hijacked.

Biden’s campaign was “in touch” with Twitter, according to a person familiar with the matter. The person said the company had locked down the Democrat’s account “immediately following the breach and removed the related tweet.” Tesla and other affected companies were not immediately available for comment.

Publicly available blockchain records show that the apparent scammers have already received more than $100,000 worth of cryptocurrency. Some experts said the incident has raised questions about Twitter’s cybersecurity.

“It’s clear the company is not doing enough to protect itself,” said Oren Falkowitz, former CEO of Area 1 Security.

Alperovitch, who now chairs the Silverado Policy Accelerator, said that, in a way, the public had dodged a bullet so far.

“We are lucky that given the power of sending out tweets from the accounts of many famous people, the only thing that the hackers have done is scammed about $110,000 in bitcoins from about 300 people,” he said.

Reporting by Chris Sanders and Anna Driver; Editing by Sandra Maler, Diane Craft and Aurora Ellis

Source Article