The U.S. Federal Bureau of Investigation is investigating Wednesday's major Twitter hack, in which scammers tapped into high-profile accounts to scam users out of over $100,000 in Bitcoin, the agency confirmed Thursday.
“The FBI is investigating the incident involving several Twitter accounts belonging to high profile individuals that occurred on July 15, 2020. At this time, the accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” said the FBI’s San Francisco division in a statement. “We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”
New York Governor Andrew Cuomo said in a statement Thursday that the state’s Department of Financial Services would also conduct a “full investigation into this massive hack.”
On Wednesday, hackers targeted accounts from celebrities and politicians, including Jeff Bezos, Joe Biden, Kim Kardashian and Barack Obama, with tweets that promised to send users back double the money they paid to an anonymous Bitcoin address. The hackers received over $100,000 in cryptocurrency off the brazen attack, according to Bitcoin’s public blockchain records.
Twitter called the breach a “coordinated social engineering attack” in which scammers “successfully targeted some of our employees with access to internal systems and tools."
Our investigation is still ongoing but here’s what we know so far:— Twitter Support (@TwitterSupport) July 16, 2020
One notable exception to the hack was U.S. President Donald Trump, whose verified personal and presidential accounts were unaffected Wednesday, which White House press secretary Kayleigh McEnany confirmed in a press briefing Thursday. She said Trump would stay on Twitter despite the attack.
"The president will remain on @Twitter" per @PressSec, asked about yesterday's Twitter hack targeting verified accounts— Jeff Seldin (@jseldin) July 16, 2020
"His account was secure & not jeopardized" she says, adding White House has been in touch w/Twitter "to keep Twitter secure, the president's twitter feed"
In a thread, Twitter said it had taken “significant steps to limit access to internal systems and tools” as its own investigation continues.
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.— Twitter Support (@TwitterSupport) July 16, 2020
Twitter locked down all verified accounts after the news broke, preventing them from tweeting and resetting passwords. The company also removed the fake tweets from compromised accounts and said it would “restore access to the original account owner only when we are certain we can do so securely.”
Twitter’s blue check mark system, which indicates verified accounts, is supposed to show that a user is authentic.