2020-07-17T09:44:00Z

How was the 2020 Twitter Hack carried out? How could it have been prevented?


On July 15, 2020, several verified Twitter accounts with millions of followers were compromised in a cyberattack. Many of the hacked accounts we protected using two-factor authentication, which the hackers were somehow able to bypass.

Hacked accounts included Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Mike Bloomberg, Warren Buffett, Kim Kardashian, and Kanye West, Benjamin Netanyahu, and several high profile tech companies, including Apple and Uber.

The hackers posted variation of a message asking follower to transfer thousands of dollars in Bitcoin, with the promise that double the donated amount would be returned.

How could Twitter have been better prepared for this? How do you rate their response?

Guest
66 Answers

author avatar
User

@Ken Shaurette thanks! I missed it live, will catch the recording when I get a chance. What security platforms do you think would have done the best job at preventing the hack?

2020-07-20T13:41:46Z
author avatar
Top 5LeaderboardReal User

I like the potential for catching an unusual activity like that with our recently implemented endpoint detection tool, Cynet360.  It seems so far to have about the highest level of transparency into the endpoint with a 24x7x365 backing of monitoring.  

2020-07-23T15:10:18Z
author avatar
User

@Ken Shaurette thanks! I missed it live, will catch the recording when I get a chance. What security platforms do you think would have done the best job at preventing the hack?

2020-07-20T13:41:46Z
author avatar
Top 5LeaderboardReal User

The use of two factor authentication by Twitter

2020-08-07T22:33:50Z
author avatar
Top 5LeaderboardReseller

This is one of the Identity theft issue, which means some one hack your password or account and do activity which he she is not suppose to do. basic reason of hack of your identity or password is Social engineering. second reason is system has week privilege access management. If you have less control on admin id or privilege id then enter firm has to suffer along with the customer of that firm. For me the take away of this event is to protect privilege ID and you good PAM PIM tool with two factor and UBA included.  

2020-07-20T10:07:07Z
author avatar
Top 5LeaderboardReal User

Span of control, Solid RBAC, Privileged Access Management (PAM) 

2020-07-17T22:19:33Z
Find out what your peers are saying about SonarQube, Veracode, Sonatype and others in Application Security. Updated: July 2020.
431,024 professionals have used our research since 2012.