Last week, it was revealed that over 100 high-profile Twitter users had their accounts hacked as part of a Bitcoin scam, which used those accounts to tell Twitter users that money sent to a specific Bitcoin account would be sent back doubled.
Now, in a new update from Twitter, it has been revealed that the hackers gained access to the private direct messages (DMs) of 36 of the hacked users.
'A coordinated social engineering attack'
Amongst the high-profile names hacked were Bill Gates, Elon Musk, Jeff Bezos, Joe Biden, and many more. Despite the obvious nature of the scam, it remarkably made at least six figures, TechCrunch reports.
The new update from Twitter, detailed in their tweet below and in a blog update, has renewed pressure on the social media to end-to-end encrypt its DMs.
We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed.— Twitter Support (@TwitterSupport) July 22, 2020
In a series of tweets a day after last week's hack, Twitter said it had detected what it believed "to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools."
RELATED: 15+ WAYS TWITTER REACTED TO THE CRYPTOCURRENCY SCAM
'A breathtaking impact, for years to come'
The company also said there was "no evidence" that the hackers had gained access to the hacked users' passwords. The new update makes no change to this statement.
As Ars Technica reports, US Senator Ron Wyden, a Democrat representing Oregon, released a statement last week saying he had pressed Twitter CEO Jack Dorsey to protect direct messages with end-to-end encryption.
“Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company's systems, and hackers who gain unauthorized access,” Wyden wrote. “If hackers gained access to users' DMs, this breach could have a breathtaking impact, for years to come.”