Billionaires Elon Musk, Jeff Bezos and Bill Gates are among many prominent US figures targeted by hackers on Twitter in an apparent Bitcoin scam.
The official accounts of Barack Obama, Joe Biden and Kanye West also requested donations in the cryptocurrency.
“Everyone is asking me to give back,” a tweet from Mr Gates’ account said. “You send $1,000, I send you back $2,000.”
Twitter said it was a “co-ordinated” attack targeting its employees “with access to internal systems and tools”.
“We know they [the hackers] used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf,” the company said in a series of tweets.
It added that “significant steps” were taken to limit access to such internal systems and tools while the company’s investigation was ongoing.
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
— jack (@jack) July 16, 2020
One cyber-security expert said that the breach could have been a lot worse in other circumstances.
“If you were to have this kind of incident take place in the middle of a crisis, where Twitter was being used to either communicate de-escalatory language or critical information to the public, and suddenly it’s putting out the wrong messages from several verified status accounts – that could be seriously destabilising,” Dr Alexi Drew from King’s College London told the BBC.
Emergency response
Twitter earlier had to take the extraordinary step of stopping many verified accounts marked with blue ticks from tweeting altogether.
Password reset requests were also being denied and some other “account functions” disabled.
By 20:30 Thursday morning users with verified account started to be able to send tweets again, but Twitter said it was still working on a fix.
Dmitri Alperovitch, who co-founded cyber-security company CrowdStrike, told Reuters news agency: “This appears to be the worst hack of a major social media platform yet.”
On the official account of Mr Musk, the Tesla and SpaceX chief appeared to offer to double any Bitcoin payment sent to the address of his digital wallet “for the next 30 minutes”.
“I’m feeling generous because of Covid-19,” the tweet added, along with a Bitcoin link address.
The tweets were deleted just minutes after they were first posted.
But as the first such tweet from Musk’s account was removed, another one appeared, then a third.
Others targeted included:
- the rapper Kanye West
- reality TV star Kim Kardashian West
- former US President Obama
- former US Vice-President Joe Biden, who is the current Democratic presidential candidate
- media billionaire Mike Bloomberg
- the ride-sharing app Uber
- the iPhone-maker Apple
The Biden campaign said Twitter had “locked down the account within a few minutes of the breach and removed the related tweet”.
A spokesman for Bill Gates told AP news agency: “This appears to be part of a larger issue that Twitter is facing.”
