Twitter accounts belonging to Joe Biden, Bill Gates, Elon Musk and Apple, among other prominent handles, were compromised on Wednesday in what Twitter said it believes to be an attack on some of its employees with access to the company’s internal tools.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter’s support team said late Wednesday.
The attackers posted tweets that appeared to promote a cryptocurrency scam.
The accounts, along with those of former President Barack Obama, Kanye West, Kim Kardashian West, Warren Buffett, Jeff Bezos and Mike Bloomberg, posted similar tweets soliciting donations via Bitcoin to their verified profiles on Wednesday.
“Everyone is asking me to give back, and now is the time,” Gates’ tweet said, promising to double all payments to a Bitcoin address for the next 30 minutes. All the tweets were subsequently deleted.
“Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers,” Twitter said. “We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.” Twitter Support said.
In a tweet on Wednesday, CEO Jack Dorsey said it was a “tough day for us at Twitter.”
“We all feel terrible this happened,” Dorsey said. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
A little more than an hour after the attack began, Twitter apparently moved to prevent holders of verified accounts from tweeting. Non-verified accounts could still tweet, however.
Around 8:30 pm ET, roughly three hours after Twitter first said publicly that it was investigating the apparent hack and a little more than two hours after it shut down tweeting for some accounts, Twitter said the majority of accounts had been restored to full functionality.
“Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go,” Twitter said. “We’re working to get things back to normal as quickly as possible.”
The company said it is still investigating the breach and what other data may have been compromised.