Twitter says the hack that compromised the accounts of some of its most high-profile users targeted 130 people. The hackers were able to reset the passwords of 45 of those accounts.
The San Francisco-based company said in a blog post Saturday that for up to eight of these accounts the attackers also downloaded the account's information through the "Your Twitter Data" tool. None of the eight were verified accounts, Twitter said, adding that it is contacting the owners of the affected accounts.
"We're embarrassed, we're disappointed, and more than anything, we're sorry. We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice," Twitter said in the blog post.
The July 17 attack broke into the Twitter accounts of world leaders, celebrities and tech moguls in one of the most high-profile security breaches in recent years. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.
It highlighted a major flaw with the service millions of people have come to rely on as an essential communications tool.
Allison Nixon, chief research officer at cybersecurity firm 221B said in an email Sunday that the people behind the attack appear to have come from the "OG" community, a group interested in original, short Twitter handles such as @a, @b or @c, for instance.
"Based upon what we have seen, the motivation for the most recent Twitter attack is similar to previous incidents we have observed in the OG community — a combination of financial incentive, technical bragging rights, challenge, and disruption," Nixon wrote.
"The OG community is not known to be tied to any nation state. Rather they are a disorganized crime community with a basic skillset and are a loosely organized group of serial fraudsters."
While this attack did not appear go further than the Bitcoin ruse — at least for now — it raises questions about Twitter's ability to secure its service against election interference and misinformation ahead of the U.S. presidential election.
"Entire markets and potentially elections may be manipulated or altered in this way," Nixon said. "Victims of account takeovers generally do not know that the fraud has occurred, and generally cannot take security precautions to prevent it."