Cyber Incident Victim: Twitter
Date: Jul 2020
Location: United States of America
Summary
A significant security breach compromised numerous high-profile Twitter accounts, including those of prominent business leaders, politicians, and celebrities, to promote a cryptocurrency scam. Attackers posted fraudulent tweets directing followers to send bitcoin payments to a specified address under false promises of doubled returns, accumulating over $100,000 before removal. Twitter temporarily restricted verified accounts from tweeting during remediation efforts and restored control to legitimate owners. The company attributed the incident to a coordinated social engineering attack targeting employees with access to internal administrative tools, enabling unauthorized account takeovers. This followed a similar pattern of cryptocurrency scams previously observed on other platforms targeting influential figures.
Description
On July 15, 2020, Twitter experienced a significant security incident involving the compromise of numerous high-profile verified accounts. Attackers hijacked accounts belonging to prominent individuals and organizations, including Elon Musk, Bill Gates, Joe Biden, Barack Obama, Jeff Bezos, Apple, Uber, and several cryptocurrency exchanges and celebrities such as Kim Kardashian and Kanye West. The compromised accounts tweeted messages promoting a cryptocurrency scam, instructing followers to send Bitcoin to a specified blockchain address with the promise of doubled returns. The Bitcoin address in these fraudulent tweets received over $100,000 through hundreds of transactions before the tweets were removed. Some tweets also contained links to a scam website, which was subsequently taken down. Twitter initially acknowledged the incident via a public statement confirming a security breach impacting accounts and announced an ongoing investigation.

Twitter implemented immediate containment measures by blocking all verified accounts from tweeting to prevent further malicious posts. Most compromised accounts were restored to their rightful owners within hours, with scam tweets deleted. The company later attributed the attack to a coordinated social engineering campaign targeting employees with access to internal systems and tools. This access enabled attackers to bypass standard authentication controls and take over accounts directly. The incident mirrored a similar cryptocurrency scam earlier that year involving hijacked YouTube accounts impersonating Microsoft brands. Financial losses were limited to payments sent to the Bitcoin address promoted in the tweets, with no additional compromises of user data or systems reported by Twitter. The company concluded its public updates by confirming remediation steps without disclosing further technical details of the breach.
