OAKLAND, Calif. -- Twitter says the hack that compromised the accounts of some of its most high-profile users targeted 130 people. The hackers were able to reset the passwords of 45 of those accounts.
“We’re embarrassed, we’re disappointed, and more than anything, we’re sorry. We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice,” Twitter said in the blog post.
The hack highlighted a major flaw with the service millions of people have come to rely on as an essential communications tool.
Allison Nixon, chief research officer at cybersecurity firm 221B, said in an email Sunday that the people behind the attack appear to have come from the “OG” community, a group interested in original, short Twitter handles such as @a, @b or @c.
“Based upon what we have seen, the motivation for the most recent Twitter attack is similar to previous incidents we have observed in the OG community — a combination of financial incentive, technical bragging rights, challenge, and disruption,” Nixon wrote. “The OG community is not known to be tied to any nation state. Rather they are a disorganized crime community with a basic skillset and are a loosely organized group of serial fraudsters.”
“Entire markets and potentially elections may be manipulated or altered in this way,” Nixon said. “Victims of account takeovers generally do not know that the fraud has occurred, and generally cannot take security precautions to prevent it.”