Twitter Inc (NYSE:TWTR) said Thursday the attackers exploited its employees’ “human vulnerabilities” to conduct the infamous breach on the social media platform earlier this month.
What Happened: The attackers used so-called "spear phishing" techniques over the phone and targeted employees who had access to account support tools of the company, it noted.
Spear phishing refers to a practice whereby attackers pretend to be a trusted contact and mislead the target into revealing crucial information. According to Twitter, attackers misled certain employees to gain access to its internal systems.
Why It Matters: The attack on the microblogging platform took place on July 15 and targeted 130 high-profile users.
Forty-five of these accounts were used to send out tweets and 36 had their direct messages inbox accessed, Twitter has revealed since the hack. Data from seven accounts was downloaded.
Tesla Inc (NASDAQ:TSLA) CEO Elon Musk, Microsoft Corporation (NASDAQ:MSFT) co-founder Bill Gates, and the Democratic 2020 presidential candidate Joe Biden, were some of the people whose accounts were used to send out tweets promoting a cryptocurrency scam.
The Twitter internal tool involved in the hacking could be accessed by over 1000 employees at the company and some workers at contractors like Cognizant Technology Solutions Corporation (NASDAQ:CTSH), Reuters reported earlier.
Price Action: Twitter shares closed almost 1.2% lower at $36.72 on Thursday and gained 1.2% in the after-hours session.