In July 2020, Twitter experienced a significant security breach that spanned several phases, including social engineering to gain network access, account takeover for valuable 'OG' usernames, and a high-profile bitcoin scam involving verified accounts of well-known individuals and companies. Hackers utilized sophisticated methods such as phishing to capture Twitter employees' credentials, exploiting the system to access internal tools. The incident led to the compromise of 130 user accounts, with hackers targeting and manipulating high-profile accounts to promote a bitcoin scam, fraudulently acquiring about $118,000. The breach not only exposed users' nonpublic information but also put a spotlight on potential vulnerabilities within Twitter's security frameworks, bringing into question the platform's capacity to safeguard user data and resist manipulative external threats.
Source: https://www.dfs.ny.gov/Twitter_Report
"id": "twi915050624",
"linkid": "twitter",
"type": "Vulnerability",
"date": "07/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"