SAN FRANCISCO: Twitter suffered a major security breach that saw hackers take control of the accounts of major public figures and corporations, including Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos and Apple.
Twitter disabled the ability to tweet from validated accounts, those with the official blue checkmarks, for about two hours while working on a fix.
“Most accounts should be able to Tweet again,” the Twitter support team said in an evening update of the situation. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.”
The hack unfolded over the course of several hours as Twitter stopped all verified accounts from tweeting at all. The company had restored most accounts by Wednesday evening, but warned that it “may take further actions”.
The company said that it had also locked the compromised accounts and “taken steps to limit access to internal systems and tools” while it continues its investigation. The compromised accounts, which count tens of millions of followers, sent a series of tweets proposing a classic bitcoin scam.
Other compromised accounts include those of Kanye West, Michael Bloomberg, Uber, and a number of cryptocurrency exchanges or organisations. The account of US President Donald Trump was not among those hacked.
The messages included the address of a bitcoin wallet whose balance grew rapidly as the scam spread. Tweets with similar messages were repeatedly deleted and re-posted by some of the compromised accounts.
Twitter issued its first statement approximately 90 minutes after scam messages began being sent out by Musk’s and Gates’ accounts, as the attack was ongoing.
“We are aware of a security incident impacting accounts on Twitter,” the company said on Twitter. “We are investigating and taking steps to fix it. We will update everyone shortly.”
The company subsequently warned that some users would be unable to tweet or change their passwords as it worked to address the issue. Verified users, whose accounts feature a blue checkmark to denote that Twitter has confirmed their identities, were blocked from tweeting for about an hour.
“Tough day for us at Twitter,” chief executive Jack Dorsey tweeted on Wednesday evening. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”