Twitter said on Wednesday night that some of its employees with access to internal systems were targeted as part of a “coordinated social engineering attack” that led to a wide-spread bitcoin hack affecting numerous high-profile accounts.
The company made the announcement in a series of tweets late on Wednesday night. On Wednesday evening, several major accounts like Joe Biden, Barack Obama, Bill Gates, and Elon Musk were hacked and sent out messages promoting a bitcoin scam.
As the scam spread, Twitter also temporarily blocked verified accounts from tweeting as it investigated what was happening.
The announcement also came amid a report from Motherboard, which obtained screenshots of an internal system at Twitter. One source who was in control of accounts told the news outlet they paid a Twitter employee for access to the internal system.
The system allowed for employees to see information about accounts, whether it was suspended, protected, or permanently suspended.
Twitter appeared to confirm that several people at the company with access to the tools were part of the reason for the hacks, adding that it was looking into “other malicious activity they may have conducted or information they may have accessed.”
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter’s support account wrote. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”
Motherboard noted that Twitter was deleting photos of the internal system and suspending accounts.