What you need to know
- Twitter says that 36 accounts had their DMs accessed during last week's breach.
- That includes the account of one elected official from the Netherlands.
- It says it has no indication to date that any other former or current elected official was compromised.
Twitter has said an elected official from the Netherlands was one of 36 accounts that had their DMs inbox accessed during last week's major breach.
In an update to its ongoing coverage of a major breach on July 15 Twitter stated:
We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed. [Added on July 22, 2020]
This follows the revelation last week that eight non-verified accounts had all of their information (including direct messages) downloaded using the 'Your Twitter Data' tool. This latest update is a different kind of breach, as rather than downloading the messages, attackers simply took control of the account and then viewed the account's inbox on Twitter.com. Twitter says that in total 36 accounts were compromised in this way, including the elected official from the Netherlands.
If you're keeping score, that means that in total 130 accounts were targeted by attackers during the breach. 45 accounts, many of them high profile, were accessed and used to send out tweets encouraging people to send bitcoin with the promise the money would be doubled. 36 accounts had their DM inbox accessed, and eight accounts had all of their data (including direct messages) downloaded, however, none of those eight accounts were verified.
Many Twitter users (including iMore) have still not been able to regain access to their accounts following the breach. Twitter says it is communicating directly with the owners of impacted accounts and will share updates when it has them.