Twitter | Search | |
Twitter Support
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
Reply Retweet Like More
Twitter Support Jul 15
Replying to @TwitterSupport
You may be unable to Tweet or reset your password while we review and address this incident.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We're working to get things back to normal as quickly as possible.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
Our investigation is still ongoing but here’s what we know so far:
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.
Reply Retweet Like
Twitter Support Jul 15
Replying to @TwitterSupport
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
Here’s an update addressing questions we’ve heard around passwords and account access specifically:
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
We have no evidence that attackers accessed passwords. Currently, we don’t believe resetting your password is necessary.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
Out of an abundance of caution, and as part of our incident response yesterday to protect people’s security, we took the step to lock any accounts that had attempted to change the account’s password during the past 30 days.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
As part of the additional security measures we’ve taken, you may not have been able to reset your password. Other than the accounts that are still locked, people should be able to reset their password now.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
If your account was locked, this does not necessarily mean we have evidence that the account was compromised or accessed. So far, we believe only a small subset of these locked accounts were compromised, but are still investigating and will inform those who were affected.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
We're working to help people regain access to their accounts ASAP if they were proactively locked. This may take additional time since we’re taking extra steps to confirm that we’re granting access to the rightful owner.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
We’ve been working around the clock and will continue to provide updates here.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
We want to share some more specific updates coming out of the second day of our investigations.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident. For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
We’re working with impacted account owners and will continue to do so over the next several days. We are continuing to assess whether non-public data related to these accounts was compromised, and will provide updates if we determine that occurred.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
For all accounts, downloading Your Twitter Data is still disabled while we continue this investigation.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
We have also been taking aggressive steps to secure our systems while our investigations are ongoing. We’re still in the process of assessing longer-term steps that we may take and will share more details as soon as we can.
Reply Retweet Like
Twitter Support Jul 16
Replying to @TwitterSupport
Thank you for your continued patience and understanding while we investigate this incident. We’ll continue to provide updates when we have them.
Reply Retweet Like
Twitter Support Jul 17
Replying to @TwitterSupport
We’re sharing a blog post that collects the latest on our investigation. It reiterates what we’ve already shared here, and includes a few new findings.
Reply Retweet Like
Twitter Support Jul 17
Replying to @TwitterSupport
As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets.
Reply Retweet Like
Twitter Support Jul 17
Replying to @TwitterSupport
We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken.
Reply Retweet Like
Twitter Support Jul 17
Replying to @TwitterSupport
For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our “Your Twitter Data” tool. We are reaching out directly to any account owner where we know this to be true.
Reply Retweet Like
Twitter Support Jul 17
Replying to @TwitterSupport
Our investigation and cooperation with law enforcement continues, and we remain committed to sharing any updates here. More to come via as our investigation continues.
Reply Retweet Like
Twitter Support Jul 17
Replying to @TwitterSupport
We hope that our openness and transparency throughout this process, and the steps and work we will take to safeguard against other attacks in the future, will be the start of making this right.
Reply Retweet Like