Around 130 celebrities and companies were targeted in Twitter’s most high-profile hack ever, the company has announced.
Investigations are still continuing into how the account was able to happen, and how widespread the damage from it was.
But for now the company is unable to say for sure that those targeted accounts did not have personal information, such as direct messages, accessed during the hack, Twitter has announced.
The hack became public when a number of high-profile accounts – from Kanye West to Apple – started tweeting to encourage users to send money to a specific address. While that cryptocurrency is the only public part of the scam, experts have speculated that the hackers likely had access to other systems and that the bitcoin tweets may actually have been a distraction from something potentially more dangerous.
Twitter said that it was “continuing to assess” whether any more information was compromised, or if other actions were taken while the accounts were taken over.
Twitter has since said that it happened after employees were targeted and gave hackers access to its internal tools, rather than any of those individual accounts being compromised.
Since then, it locked down accounts to stop unauthorised access, and it said in the new update that some features would still be unavailable on the site as the investigation continued.
“Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident. For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts,” the company said in a series of tweets.
“We’re working with impacted account owners and will continue to do so over the next several days. We are continuing to assess whether non-public data related to these accounts was compromised, and will provide updates if we determine that occurred.
“For all accounts, downloading Your Twitter Data is still disabled while we continue this investigation.
“We have also been taking aggressive steps to secure our systems while our investigations are ongoing. We’re still in the process of assessing longer-term steps that we may take and will share more details as soon as we can.”