Security News > 2020 > July > Twitter hackers busted 2FA to access accounts and then reset user passwords
Twitter has revealed more about the July 15 attack that saw several prominent accounts hijacked to promote a Bitcoin scam.
The Saturday, July 18 update admits "The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections."
Twitter isn't sure what, but said the "Attackers were able to view personal information including email addresses and phone numbers" for the 130 impacted accounts.
Eight account-holders suffered the indignity of attackers downloading the account's information through the "Your Twitter Data" tool, which offers users the chance to access a summary of their Twitter account details, private messages, and activity.
There's not much more to the post than that, other than perhaps the revelation that Twitter is collaborating with law enforcement agencies to figure out what happened.