The company has said “attackers targeted certain Twitter employees through a social engineering scheme”—trickery or coercion—got through two-factor security measures and accessed internal systems. Of 130 accounts targeted, the company said, hackers were able to reset passwords, login and tweet from 45 of them. “For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information,” the company said. It could not be learned whether a Twitter staffer was actively involved in the breach or how much data was accessed. When he heard about the account takeovers, he immediately consulted his intelligence network to learn more and looked for Twitter’s statements on the attack.

Source: Wall Street Journal July 20, 2020 09:45 UTC