Following a massive Twitter cyberattack during which countless accounts were hacked, including those of former President Barack Obama and presidential nominee Joe Biden, Senator Josh Hawley (R-Mo.) sent a letter to Twitter CEO Jack Dorsey requesting he immediately reach out to the Department of Justice and Federal Bureau of Investigation to take any necessary measures to secure the site.
Senator Hawley writes, “I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself. As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”
Read the full letter here or below.
July 15, 2020
Jack Dorsey
Chief Executive Officer
Twitter
355 Market Street, Suite 900
San Francisco, CA 94103
Dear Mr. Dorsey,
As I write, Twitter seems to be experiencing a large-scale cyberattack, as illustrated by a number of posts inviting users to transfer Bitcoin under fraudulent pretenses. The accounts targeted include those for Apple, Uber, Jeff Bezos, former President Barack Obama, and even the Democratic nominee for President. The list of affected accounts is growing by the minute. Some affected accounts are alleged to have been protected by Twitter’s two factor authentication.
I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself. As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.
Please reach out immediately to the Department of Justice and the Federal Bureau of Investigation and take any necessary measures to secure the site before this breach expands. Once you have attended to immediate concerns, please respond to following questions:
- Did this event represent a breach of users’ own account security or of Twitter’s systems?
- Were accounts protected by two-factor authentication successfully targeted in this breach? If so, how was this possible?
- Did this breach compromise the account security of users whose accounts were not used to share fraudulent posts? If so, how many accounts were affected? Were all accounts’ security compromised by this breach?
- How many users may have faced data theft as a consequence of this breach?
- What measures does Twitter undertake to prevent system-level hacks from breaching the security of its entire userbase?
- Did this attack threaten the security of the president’s own Twitter account?
Sincerely,
Josh Hawley
United States Senator