On July 15, 2020, more than one Twitter employee was targeted by cyber-attacks. These attacks were successful in acquiring the user name and password of an undisclosed number of employees at Twitter. The Twitter employees’ credentials were used to access several of Twitter’s internal systems including getting through Twitter’s two factor authentication protection. As of this moment we know for sure 130 accounts on Twitter were targeted. The attackers were able to reset the password, login, and send tweets on 45 of those accounts. Several of these accounts were well known business people, politicians, and celebrities.
Twitter’s incident response team was able to lockdown the compromised accounts and regain control. The exact mitigation efforts are not fully known as this would negate their effectiveness. One of the steps was to lock down any accounts in which the password was recently reset. At this time, all accounts are back up and running.
Twitter’s breach brings to light that no matter the extent in which a company goes to protect its data the integrity of the company’s network relies heavily on its employees. We, as in healthcare employees, are attacked at a rate far higher than any other industry. We should be skeptical while checking our email and we should never use a password for our NMHS account that we have used elsewhere, and we should never share our username and password with anyone.