Former Twitter staff claim more than 1,000 employees had access to accounts

24 Jul 2020

Image: © PixieMe/Stock.adobe.com

Two former Twitter employees have claimed that more than 1,000 of its staff had tools to edit user account settings.

Following the high-profile hijacking of verified Twitter accounts to post a bitcoin scam, former employees at the social network have claimed that a large proportion of its workforce had tools to access and edit accounts.

Speaking with Reuters, two sources said that more than 1,000 employees and contractors, as of earlier this year, had access to internal tools that could change user account settings and hand access over to others.

Twitter would not comment on whether the figure of more than 1,000 was accurate and if the number of employees with access to these tools had changed before or after the breach.

The two former employees did say that Twitter improved its ability to track the activity of staff on accounts in the wake of previous incidents. This includes the charging of former employees in the US last year with spying on behalf of Saudi Arabia to obtain private data on Twitter users critical of the Middle Eastern country.

‘Attackers targeted Twitter employees’

The breach earlier this month saw perpetrators collect more than $100,000 worth of bitcoin in a coordinated scam. Using verified accounts, they made false claims that they would send $2,000 worth of bitcoin to anyone who sends $1,000 worth.

The tweets told followers that they had just 30 minutes to transfer their money if they wanted to get the promised amount back. Targeted accounts included Bill Gates, Elon Musk, Jeff Bezos, Kanye West and Joe Biden.

Both Twitter and the FBI are investigating the breach. In an update last weekend, Twitter said it believes that “attackers targeted certain Twitter employees through a social engineering scheme” to gain access to accounts.

“The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections,” the company said. “As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts.”

For 45 of those accounts, Twitter said that attackers were able to initiate a password reset to log in to the account and send tweets. It also said that attackers may have attempted to sell some of the usernames.

Earlier this week, Twitter added that it believes attackers accessed the direct message inbox for up to 36 of the 130 targeted accounts, including one elected official in the Netherlands.

Twitter seeking new forms of revenue

Meanwhile, Twitter’s earnings report for Q2 was less than stellar, with advertising revenue down 23pc year-on-year, despite seeing a “moderate recovery” when compared with March. It also failed to meet analyst expectations for revenue, coming in at $683m versus the expected $707m.

CEO Jack Dorsey said the company is now in the “very, very early phases of exploring” other revenue-generating options, such as a paid subscription model.

Colm Gorey was a senior journalist with Silicon Republic

editorial@siliconrepublic.com