The coordinated hacking of high-profile Twitter accounts on Wednesday had the potential to endanger national security, House Committee on Oversight and Reform Ranking Member Rep. James Comer told Twitter CEO Jack Dorsey in a letter Thursday.
The Twitter accounts for some of the platform’s most prominent users — including former President Barack Obama and presumptive Democratic presidential nominee Joe Biden — were compromised Wednesday afternoon by apparent bitcoin scammers.
Twitter said in a statement that the breaches were the result of a “coordinated social engineering attack” against Twitter employees that have access to internal administration tools.
The bitcoin address linked in the tweets posted to the compromised accounts during the attack racked up at least $115,000, according to NBC News, citing a public register of bitcoin transactions.
Comer, a Kentucky Republican, said in his letter to Dorsey that Twitter’s failure to secure its site from such an attack “not only created an opportunity for criminals to perpetrate a crime broadcasted to millions of Twitter’s users, but the hackers’ potential breach of Twitter’s security poses broader risks regarding hackers’ access to private direct messages.”
Comer also alluded to President Donald Trump’s penchant to govern via Tweet, suggesting that Wednesday’s breach could have impacted national security had the hackers chose to post something other than bitcoin scams to the Twitter accounts of their prominent victims. (RELATED: Hackers Compromise Joe Biden, Barack Obama’s Twitter Accounts, Promote Bitcoin Scam)
“Indeed, the President, with 83.5 million followers, is a frequent user of Twitter, which allows him to break through the filter of traditional media and speak directly to all Americans and the world,” Comer wrote. “Breaches similar to yesterday’s have the potential to jeopardize national and economic security and disrupt the lives of millions of Americans.”
Motherboard reported Wednesday that a Twitter insider with access to an internal administration tool worked with the attackers who took over accounts during the attack.
“We used a rep that literally done all the work for us,” an unnamed source who took over the accounts told Motherboard. A second unnamed source who was involved in the breaches told Motherboard they had paid the Twitter insider who assisted them during the attack.
A Twitter spokesperson told Motherboard on Wednesday evening that the company is investigating whether the employee targeted by the social engineering attack was responsible for hijacking the victims’ accounts themselves or if they granted hackers direct access to the administration tool.
Twitter acknowledged in a statement Wednesday that its internal systems and tools were used to “take control of many high-visible (including verified) accounts and Tweet on their behalf.”
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
— Twitter Support (@TwitterSupport) July 16, 2020
Comer asked Dorsey to provide a briefing to the House Committee on Oversight and Reform by July 24 that addresses how many Twitter employees were targeted during the attack, whether a foreign adversary was involved in the attack, the total number of accounts impacted by the breach and the steps Twitter will take to ensure a similar breach never occurs again.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.