Official announcement that there is no evidence of password leakage regarding Twitter's large-scale hacking case

Regarding the case where the Twitter accounts of major companies such as Apple, Bill Gates, former American President Barack Obama, Elon Musk, etc. were hacked, Twitter based on the results of the internal investigation ``The evidence of password leakage No'. The tactics of this hacking incident are unknown, but some media point out that 'Twitter employees may have cooperated in the crime.'

Twitter Support (@TwitterSupport) / Twitter
https://twitter.com/TwitterSupport

Twitter says passwords were spared in yesterday's attack, but it's still working to restore locked accounts-The Verge
https://www.theverge.com/2020/7/16/21327521/twitter-hack-passwords-locked-accounts-restore-access

On July 16, 2020, a massively unprecedented security breach occurred in which Twitter accounts of major companies and celebrities were hacked all at once. Bitcoin scams were tweeted in the hacked Twitter account, and the damage is estimated to be about 120,000 dollars (about 13 million yen).

Twitter companies and celebrity accounts such as Apple and Elon Musk are hacked at once-GIGAZINE

For this one, Twitter locked many accounts, including verified accounts, and started its own investigation. We tweeted a report based on the results of the survey before the 17th July 2020 Japan time.

According to Twitter, 'there is no evidence that the attacker has accessed the password (of the hacked account).' Therefore, he said there is no need to reset the Twitter account password.

We have no evidence that attackers accessed passwords.Currently, we don't believe resetting your password is necessary.

— Twitter Support (@TwitterSupport) July 16, 2020

As part of the response to the incident, he said he took steps to lock all accounts that tried to change his password in the last 30 days.

Out of an abundance of caution, and as part of our incident response yesterday to protect people's security, we took the step to lock any accounts that had attempted to change the account's password during the past 30 days.

— Twitter Support (@TwitterSupport) July 16, 2020

As a further measure, password resets for locked accounts were temporarily prohibited. In addition, Twitter said, 'The fact that an account has been locked does not mean that it has been hacked. Although many accounts are temporarily locked, we believe that only a few are actually hacked.' I commented.

If your account was locked, this does not necessarily mean we have evidence that the account was compromised or accessed.So far, we believe only a small subset of these locked accounts were compromised, but are still investigating and will inform those who were affected.

— Twitter Support (@TwitterSupport) July 16, 2020

'We are trying to restore access to your account as soon as possible,' he said.

We're working to help people regain access to their accounts ASAP if they were proactively locked.This may take additional time since we're taking extra steps to confirm that we're granting access to the rightful owner.

— Twitter Support (@TwitterSupport) July 16, 2020

In this hacking case, it was reported that an account protected by two-step verification and a strong password was also damaged, and the trick is a mystery at this stage. Twitter explained the method of the crime as 'a social engineering attack appears to have allowed our employees to access internal systems and tools.'

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

— Twitter Support (@TwitterSupport) July 16, 2020

Motherboard of IT-based news media, hackers found to have involved in this incident and said, 'I had to cooperate to attack pay money to Twitter employees' has reported .

The Federal Bureau of Investigation (FBI) has begun investigating this case, and Twitter commented to the press that they 'informed their intention to cooperate fully with the FBI.'