Twitter believes the perpetrators of last week’s unprecedented attack on the company accessed the direct message (DM) inbox of an elected official in the Netherlands, the company said Wednesday evening. The revelation comes as part of the company’s ongoing investigation into last Thursday’s attack that allowed attackers to hijack the accounts of some of the service’s most high-profile users, including politicians Barack Obama and Joe Biden, to tweet a bitcoin scam.
Although Twitter didn’t name the Dutch official, local media reported last week that far-right, anti-Islam politician Geert Wilders, had his account hacked, retweeting a number of conspiracy theories and replacing Wilders’ profile photo with a caricature of a Black man and Moroccan flag. A hacker interviewed on Dutch radio also claimed to have access to Wilders’ DMs at the time.
In total, Twitter said it believes attackers accessed the DMs of up to 36 of the 130 targeted accounts, including that elected official. Twitter has “no indication” that other elected officials had their DMs accessed as part of the attack, however.
This wasn’t the first indication that DMs were a target for the attackers. They also attempted to download the “Your Twitter Data” archive for up to 8 accounts — a collection of data that does include DMs — Twitter said in a blog post on Friday. The company claims that none of those affected accounts were verified, however, which would seem to rule out politicians like Joe Biden having their DMs accessed in that particular way.
Twitter also said Friday that the attackers weren’t able to view previous account passwords of the 130 targeted accounts, though they had the potential to see personal information like email addresses and phone numbers.
For 45 of the targeted accounts, attackers were able to initiate a password reset, log in, and tweet, according to Twitter, allowing them to pose not just as Obama and Biden but also Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Kanye West, and others.