On July 17, 2020, Twitter announced that 130 accounts were targeted by hackers with access to the social media giant’s internal user management system, which they had hacked using a well-organized social engineering attack targeting Twitter employees. Forty-five of those accounts were compromised, and of those compromised accounts, some are verified accounts that belong to high-profile tech companies, celebrities, and executives.

Hackers used the compromised accounts to tweet about giving away Bitcoin to the community. Any amount of Bitcoin sent to the BTC address mentioned in the posts was promised to be doubled and sent back to senders; this was, of course, a scam. The accounts belonging to Barack Obama, Elon Musk, Jeff Bezos, Uber, Warren Buffett, Coinbase, Ripple, Apple, and Bitcoin are just some of the high-profile victims of the attack.

Twitter had temporarily blocked those compromised accounts and is still investigating the complete flow of the attack to understand the extent of it. As of now, the hackers could have access to a substantial amount of data related to those compromised accounts; they may have grabbed even more information while they had access to Twitter’s internal systems. Twitter is likely to look for any insider threats that may have facilitated the attack, such as an employee helping hackers access the company’s internal user management tools. It is to be remembered that in 2019 two former Twitter employees were charged with carrying out an insider attack in which they collected data on critics of Saudi Arabia and handed that information over to Saudi officials.

If tech giants like Twitter can be easily compromised by social engineering attacks and insider threats, it is essential for other enterprises to strengthen their data security procedures. Considering that most people are working remotely due to the COVID-19 pandemic, it is important to ensure that all remote employees’ devices are properly updated and secured from any malicious actors.

Organizations need to employ the right remote workforce management, device management, data management, and application management solutions to reduce the chance of a successful hack. With tools for unified endpoint management, patch management, remote support, endpoint security, and data leak prevention in place, users’ devices and the data associated with them will be as secure as possible. While these proactive tools can assist businesses in preventing threats, solutions for SIEM, log management, endpoint protection, and file security management, as well as anti-virus software, can also equally benefit security professionals in detecting threats at the earliest.

If you’re wondering where to begin, download our cybersecurity tools, like Patch Manager Plus, Endpoint Central, Device Control Plus, Vulnerability Manager Plus, and Mobile Device Manager Plus, to set up a solid defense against cyberthreats.