The FBI and New York state have launched investigations into Wednesday’s unprecedented hack of Twitter, as the social media company faced widespread concern over its security practices ahead of the US presidential election.
A spokesperson at the FBI’s San Francisco division confirmed that the agency was investigating the hack, in which attackers hijacked the official accounts of Apple, Uber, Joe Biden, Elon Musk, Kim Kardashian and hundreds of others on Wednesday to solicit more than $100,000 in bitcoin.
“At this time, the accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” the FBI spokesperson said.
Twitter said on Thursday it believed 130 accounts were targeted, with hackers able to gain control of a “small subset” of those accounts.
Separately, Andrew Cuomo, New York governor, said in a statement that he had ordered a “full investigation” into the incident through the New York Department of Financial Services “and any other relevant state agency”.
“The Twitter hack and widespread takeover of verified Twitter accounts is deeply troubling and raises concerns about the cyber security of our communications systems, which are critical as we approach the upcoming presidential election,” he said.
Chainalysis, a blockchain analysis company used by governments and financial institutions, said that it had been contacted by a number of federal law enforcement agencies about the incident but would share no further details.
The probes come as Twitter faces mounting questions over how attackers were able to control the accounts and whether other data — such as users’ personal messages — were accessed.
Several hours after the hack, Twitter said that it had detected a “co-ordinated social engineering attack” that had “successfully targeted some of our employees with access to internal systems and tools”.
The company would not say on Thursday whether employees or contractors were tricked into handing over access to the administrative systems, or whether they co-operated with hackers.
In a further update, it added that it had “no evidence that attackers accessed passwords”, and that it was “taking aggressive steps to secure our systems while our investigations are ongoing”, as well as “assessing longer-term steps”.
Two former employees, speaking to the Financial Times on condition of anonymity, said that the number of people with access to the admin tools was in the hundreds. “The access is too broadly offered to Twitter engineers,” one former senior executive said.
Twitter refused to comment.
Lawmakers on Capitol Hill also raised questions over whether Twitter has security vulnerabilities.
The Senate Intelligence Committee asked Twitter for information about the hack. “The ability of bad actors to take over prominent accounts, even fleetingly, signals a worrisome vulnerability in this media environment,” said Senator Mark Warner, the committee’s most senior Democrat.
Ed Markey, another Democratic senator, said: “Imagine if the bad actors that hacked Twitter had a different intent, to use powerful voices to spread disinformation to interfere with our elections or disrupt the stock market.”
Soon after the hacking took place, Josh Hawley, a Republican senator from Missouri, published a letter to Jack Dorsey, Twitter’s chief executive, urging the company to contact the FBI and the US Department of Justice. “A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” he said.
The White House said on Thursday that it had been in “constant contact” with Twitter since the hack, adding that President Donald Trump’s account was “secure and not jeopardised” during the attack.
Additional reporting by Lauren Fedor in Washington DC