Twitter has now said that the high-profile account hacks that happened last month were carried out by attackers who obtained the credentials of some of its employees. Employees with access to internal tools and account support were targeted with phone spear-phishing to obtain their credentials and access the accounts.

Twitter Explains How the High-profile Accounts Were Hacked:

After completing a thorough investigation into the high-profile account hacking incident, Twitter has now explained how it happened. In a series of tweets yesterday, Twitter Support, the company’s official handle for support updates, explained the incident.

It said the attackers targeted a few of its employees via phone spear-phishing to gain their credentials for the company’s internal network. This gave them a chance to access their accounts and learn the internal processes for handling accounts. From there, they started targeting more employees who had access to the company’s tools and account management support.

The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems. — Twitter Support (@TwitterSupport) July 31, 2020