Twitter is acknowledging that hackers in an attack last week read dozens of its users’ private messages, including those of an elected official in the Netherlands, and eight users had their private data downloaded by the hackers.
Twitter also said the attackers could view phone numbers, email addresses, previous passwords and other data for the 130 users who were targeted in the hacking scheme.
Presumptive Democratic presidential nominee Joseph R. Biden and former President Barack Obama had their accounts compromised. The attackers do not appear to have read any private messages from Mr. Biden or Mr. Obama, as Twitter said it knew of no other elected officials beyond the Netherlands’ user that had their private messages accessed. Twitter said it knew of as many as 36 accounts that had their private messages accessed.
Twitter also conceded that its employees fell victim to a “social engineering scheme” in which they were tricked into handing over confidential information and performing specific actions.
“The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections,” Twitter wrote on the company’s blog Wednesday evening. “As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts.”
The hackers reset the passwords of 45 users’ accounts and then took control of the accounts to send tweets that showed messages involving a cryptocurrency scam using bitcoin. Twitter did not provide details on how the other accounts were accessed.
Last week’s attack was not the first time that malicious actors turned employees against Twitter. An unsealed criminal complaint in November 2019 showed the federal government charged two former Twitter employees with accessing users’ personal data at the direction of the Saudi government.
The FBI’s San Francisco division has said it is investigating the Twitter attack. The company has said it is cooperating.
Twitter CEO Jack Dorsey said Thursday his company is working to prevent future insider threats at Twitter.
“We moved quickly to address what happened, and have taken additional steps to improve resiliency against targeted social engineering attempts, implemented numerous safeguards to improve the security of our internal systems, and are working with law enforcement,” Mr. Dorsey said.
“We understand our responsibilities and are committed to earning the trust of all of our stakeholders with our every action, including how we address this security issue.”
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.