Hackers Seize Control of Twitter Accounts for Joe Biden, Obama, Bill Gates, Elon Musk and More (UPDATED)
Photo by Leon Neal/Getty Images
If the billionaires who run the world’s tech giants can’t keep their Twitter accounts safe, what hope is there for the rest of us? That’s a fair question as Wednesday afternoon saw several prominent Twitter users apparently hacked, including Bill Gates, Elon Musk, and the official accounts for Apple and Uber. Update: the hack now includes Barack Obama, Joe Biden, Jeff Bezos, Kanye West, and more.
The suspicious tweets included a message that Gates, Musk, etc. wanted to “give back” and would be “doubling all payments” that Twitter users sent to a Bitcoin address for the next thirty minutes.
Screenshot via Twitter on July 15, 2020.
Screenshot via Twitter on July 15, 2020.
Similar to the hacks of Gates’ and Musk’s accounts, the official corporate accounts for Apple and Uber were targeted too, and posted similar invites to send in Bitcoin payments. It appears that whoever posted the tweets also made them the accounts’ “pinned tweets,” ensuring that more people would see them.
Screenshot via Twitter on July 15, 2020.
Screenshot via Twitter on July 15, 2020.
In each of these cases, the tweets were quickly deleted, but not before they were seen by many people. Gates has 51.1 million followers and Musk has 36.9 million. NBC News reported that more than 200 people sent funds to the bitcoin address posted in the tweets, totaling more than $100,000.
Twitter is looking into the issue and will have a statement later, said company spokeswoman Aly Pavela.
The hackers have even managed to access the account of Democratic presidential candidate Joe Biden.
Screenshot via Twitter on July 15, 2020.
UPDATE: The hackers have also targeted Kanye West, Mike Bloomberg, Jeff Bezos, and former President Barack Obama, including posting a reply saying that he had “just sent out $40,000!”
Screenshot via Twitter July 15, 2020.
Screenshot via Twitter July 15, 2020.
Screenshot via Twitter on July 15, 2020.
Screenshot via Twitter July 15, 2020.
UPDATE 5:52 pm ET: Uber posted a tweet acknowledging that they had been “hit by a scammer,” deleted the tweet, and were “working directly with Twitter to figure out what happened.”
Like many others, our @Uber account was hit by a scammer today. The tweet has been deleted and we’re working directly with @Twitter to figure out what happened.
— Uber Support (@Uber_Support) July 15, 2020
Twitter Support posted a tweet at 5:45 pm ET, stating that they were “aware of a security incident impacting accounts on Twitter,” were “investigating and taking steps to fix it,” and would “update everyone shortly.”
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
UPDATE 6:00 pm ET: The hack now includes Wendy’s, and the Biden campaign has responded, telling reporters that they were able to lock down the account “within a few minutes of the breach,” deleted the tweet, and were “in touch with Twitter on the matter.” Correction: Wendy’s posted a tweet making fun of the hack, they were not actually hacked themselves.
New from @JoeBiden campaign:
“The Twitter Integrity team locked down the account within a few minutes of the breach and removed the related tweet. We remain in touch with Twitter on the matter.” @CBSNews
— Bo Erickson CBS (@BoKnowsNews) July 15, 2020
UPDATE 6:15 pm ET: Kim Kardashian West joins her husband as a target of the hack.
Screenshot via Twitter on July 15, 2020.
UPDATE 6:30 pm ET: Twitter appears to have locked down most, if not all, “blue check” verified accounts, temporarily preventing them from posting new tweets, although it does appear that verified users can access their direct messages, read tweets, and retweet the tweets of other users. Attempts to post tweets from verified accounts fail, displaying this error message:
Twitter Support posted the following:
You may be unable to Tweet or reset your password while we review and address this incident.
— Twitter Support (@TwitterSupport) July 15, 2020
The author of this article has two personal Twitter accounts, @rumpfshaker, which is a verified account, and @sarahrumpf, which is an unverified account I reserved as a placeholder to retweet my articles and prevent anyone else from using my name. I tested both accounts and was unable to tweet from @rumpfshaker but could retweet a @sarahrumpf tweet.
Twitter is locking down blue check accounts and I can’t seem to tweet directly from @rumpfshaker very well right now. https://t.co/50Q18R5UDf
— Sarah Rumpf (@sarahrumpf) July 15, 2020
UPDATE — 11:00 pm ET: Twitter posted a thread tonight saying their initial conclusion is that it was “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools”:
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.
— Twitter Support (@TwitterSupport) July 16, 2020
This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.
— Twitter Support (@TwitterSupport) July 16, 2020
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
— Twitter Support (@TwitterSupport) July 16, 2020
