Twitter also released more details about what the attackers did with that access — targeting 130 accounts, tweeting from 45, accessing the DM inboxes of 36 and copying account data from 7. In response to the breach, Twitter said “We are also improving our methods for detecting and preventing inappropriate access to our internal systems and prioritizing security work across many of our teams.” A more detailed report on what happened is now promised at a later date, pending the ongoing security improvements and law enforcement investigations.
By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts – Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
— Twitter Support (@TwitterSupport) July 31, 2020
