Twitter said hackers accessed its internal systems to hijack some of the platform’s top voices – including US presidential candidate Joe Biden, reality TV star Kim Kardashian, rapper Kanye West, former US president Barack Obama and billionaire Elon Musk – and used them to solicit digital currency.
Twitter said employees with access to its internal systems had been successfully targeted by hackers who “used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf”. “We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” the company said.
Twitter temporarily took the extraordinary step of preventing for several hours at least some verified accounts from publishing messages altogether. It said it would restore access only when it was certain it could do so securely. Early on Thursday the company said most blue-check verified Twitter accounts could resume publishing tweets as normal.
Publicly available blockchain records show the apparent scammers received more than US$100,000 worth of cryptocurrency.
Twitter chief executive Jack Dorsey earlier said the company was diagnosing the problem and pledged to share “everything we can when we have a more complete understanding of exactly what happened”. “Tough day for us at Twitter. We all feel terrible this happened,” he said in a tweet.
Shares in the social media company tumbled almost 5 per cent in trading after the market close before paring their losses.
In the hours after the initial breach, some of the platform’s biggest users appeared to be struggling to re-establish control of their accounts. In the case of billionaire Tesla chief executive Elon Musk, for example, one tweet soliciting cryptocurrency was removed and, sometime later, another one appeared, and then a third.
Among other high-profile accounts affected: Amazon founder Jeff Bezos, investor Warren Buffett, Microsoft co-founder Bill Gates, and the corporate accounts for Uber and Apple. Several accounts of cryptocurrency-focused organisations were also hijacked. Altogether, the affected accounts had tens of millions of users.
Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened. to our teammates working hard to make this right. — jack (@jack) July 16, 2020
Biden’s campaign was “in touch” with Twitter, according to a person familiar with the matter. The person said the company had locked down the Democrat’s account “immediately following the breach and removed the related tweet”.
Tesla and other affected companies were not immediately available for comment.
Several experts said the incident raised questions about Twitter’s cybersecurity. “It’s clear the company is not doing enough to protect itself,” said Oren Falkowitz, former CEO of Area 1 Security.
While account compromises are not unusual, experts were surprised at the sheer scale and coordination of Wednesday’s incident. “This appears to be the worst hack of a major social media platform yet,” said Dmitri Alperovitch, who co-founded cybersecurity company CrowdStrike.
Alperovitch, who now chairs the Silverado Policy Accelerator, said that, in a way, the public had dodged a bullet so far. “We are lucky that given the power of sending out tweets from the accounts of many famous people, the only thing that the hackers have done is scammed about US$110,000 in bitcoins from about 300 people,” he said.
The extraordinary hacking spree also drew questions about the platform’s security and resilience in the run-up to the US presidential election.
The company statements confirmed the fears of security experts that the service itself – rather than users – had been compromised. Twitter’s role as a critical communications platform for political candidates and public officials, including US President Donald Trump, has led to fears that hackers could wreak havoc with the November 3 presidential election or otherwise compromise national security.
Adam Conner, vice-president for technology policy at the Centre for American Progress, a liberal think-tank, said on Twitter: “This is bad on July 15 but would be infinitely worse on November 3rd.”
The damage to Twitter’s reputation may be amplified by how long the company took to stop the bad tweets. “Twitter’s response to this hack was astonishing. It’s the middle of the day in San Francisco, and it takes them five hours to get a handle on the incident,” said Dan Guido, CEO of security company Trail of Bits.
An even worse scenario was that the bitcoin fraud was a distraction for more serious hacking, such as harvesting the direct messages of the account holders. Twitter said it was not yet certain what the hackers may have done beyond sending the bitcoin messages, and was looking into it.
Mass compromises of Twitter accounts via theft of employee credentials or problems with third-party applications that many users employ have occurred before. Wednesday’s hack was the worst to date. Several users with two-factor authentication – a security procedure that helps prevent break-in attempts – said they were powerless to stop it.
“If the hackers do have access to the back end of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction,” said Michael Borohovski, director of software engineering at security company Synopsys.