What Happened In The Twitter Attack Of July 2020?
Tuesday, 15th July was a busy day for Twitter. A large-scale attack that won’t be forgotten anytime soon was done with many high-profile users (verified ones). It involved bitcoins, social engineering, and a long day for those working in Twitter’s cybersecurity department. While most of you might’ve heard bits and pieces of what happened, let us have a look at the actual picture.
The Attack
A lot of verified accounts put out similar tweets on Tuesday. While the wording wasn’t exactly the same, they all had the same information. These people and corporations said that they wanted to give back to the community. Any amount of Bitcoin sent to the Bitcoin wallet address would be returned to the senders after doubling their amount.
While these tweets came from users known to use their personal devices, they were expected to be authentic. But if you looked closely enough, you could notice that all the tweets mentioned the same wallet address. The founder of Gemini, the cryptocurrency company Cameron Winklevoss tweeted that the tweets were a scam and nobody should be participating in them. Ironically, even Gemini’s account was compromised.
The attack featured a long list of accounts including but not limited to Elon Musk, Barack Obama, Jeff Bezos, Bill Gates, Wiz Khalifa, Apple, and Uber. The widespread nature of this attack makes it one of the largest attacks to happen on a social media platform.
The Impact
While most people saw the tweets for what they were – hoaxes, some people ended up falling for the attack. The Bitcoin wallet linked to the mentioned address was found to have been credited with around $115,00 in the past 24 hours. While this is a huge amount in terms of value, it is not sure how much of this amount is part of the attack.
Twitter’s Response
An attack of this scale took everyone by surprise, especially Twitter’s security team. Twitter removed all tweets soon after the attack and even had to partially shut down its network. Twitter also disabled tweeting functionalities for verified attacks (ones with a blue tick) for a while to ensure that they had control of the network.
Twitter CEO Jack Dorsey tweeted that it was “a tough day at Twitter” and the issue was being diagnosed and everything would be shared once they get a complete understanding of what happened.
Tough day for us at Twitter. We all feel terrible this happened.
— jack (@jack) July 16, 2020
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
Later that day, Twitter revealed that they detected a social engineering attack targeting some of their employees. The employees who were targeted had access to internal systems and tools which in turn were used to carry out the attack.
This attack has hit Twitter’s reputation in a huge manner. Many celebrities and brands use Twitter as a medium of communication, with the belief of it is an authentic safe space. This attack questions the safety provided by Twitter. Moving forward, Twitter would need to devise a way to check for the authenticity of tweets on their platform.
While this wasn’t the first breach involving high-profile accounts on Twitter the magnitude of this attack is what raises concerns.
Read More: WhatsApp Pink Scam: How Clicking on a Link Gets Your Phone Hacked
Previous Account Compromises
In 2009, US President Donald Trump’s Twitter account was taken down for 11 minutes by a departing employee. Twitter put safeguards in place to ensure something of the sort doesn’t happen again, without mentioning what kind of safeguards they were.
Last year, Jack Dorsey, CEO of Twitter also had his account hacked by a group that calls themselves the Chuckle Squad. Many offensive tweets were sent from his account. It was later found that the phone number linked to the account was compromised. It was also revealed that no internal breaches were detected during the attack.
In 2013, the Twitter account of the Associated Press was compromised and a tweet saying that the White House was under attack, caused mass hysteria amongst the public.
The Bright Side
While the attack does question Twitter’s safety, experts express relief saying that the accounts were used for monetary gains and not to spread fake information, citing the 2013 attack on the Associated Press Twitter account. Considering the fact that multiple accounts were breached this time and with the current situation requiring people to stay safe indoors, it would’ve been catastrophic at the least, if fake news was what the cybercriminals wanted.
To sum it up, this incident was another reminder that nothing in the digital space is safe and 100% privacy can be taken as a blind promise. The safety of the digital world is a myth and hacks can occur from anywhere, exploiting the smallest of vulnerabilities. Constant vigilance is required in the digital world, for the internet is dark and full of terrors.
Contributors: Navaneeth S, Labeeb Ajmal
AI Security Risks in Saudi Banking: What SAMA Expects from FinTech and Banks in 2026
Key Takeaways: AI Security Risks in Saudi Banking are expanding faster than most existing cybersecurity programs can handle, and the gap is widening with every new deployment. SAMA regulations do not currently include a standalone AI cybersecurity rulebook; banks and FinTechs should assess AI use cases against applicable SAMA Cyber Security Framework control areas to […]
DIFC Data Protection Law Amendment Guide for Dubai Financial Firms
Key Takeaways: The DIFC data protection law amendment has raised compliance obligations significantly, firms relying on their pre-amendment posture are already exposed. DIFC Data Protection Law operates independently from UAE federal data protection law; financial firms within the Centre must meet its specific requirements directly. The Commissioner of Data Protection holds real enforcement authority, documentation […]
Cybersecurity for Qatar Logistics & Port Operators: Protecting Digital Supply Chain Systems
Key Takeaways: OT systems controlling cargo equipment and port infrastructure are often among the most under-monitored and operationally sensitive layers in Qatar logistics security environments. A single compromised vendor credential can silently reach core logistics systems long before any alert fires in your SOC. Cybersecurity for Qatar logistics ports is a revenue protection issue, port […]
SAMA Open Banking Security: API Security Requirements for Saudi FinTech in 2026
Key Takeaways: SAMA Open Banking has moved beyond sandbox-supervised testing into a formal licensing regime for approved open banking providers in Saudi Arabia. For every Saudi FinTech in KSA, API governance is what gets you to market. SAMA’s Open Banking Framework sets expectations around secure API-based data sharing, consent-driven access, and governance, while the SAMA […]
Cyber Incident Response Planning for Saudi Enterprises: NCA and SAMA Requirements Explained
Key Takeaways: Cyber incident response in Saudi Arabia is a binding obligation under both the NCA Essential Cybersecurity Controls and the SAMA cybersecurity framework. A documented IRP means nothing if it has never been tested, execution under breach conditions is what NCA and SAMA assessors measure. SAMA compliance requires more than documentation. Regulated entities are […]
How Indian Startups Can Pass Enterprise Security Reviews: SOC 2, ISO 27001, or VAPT?
Key Takeaways: SOC 2 attestation needs understanding the five trust services criteria, Security, Availability, Privacy, Confidentiality, and Processing Integrity. ISO 27001 Certification helps startups establish a formal Information Security Management System (ISMS) that facilitates a structured risk management, governance, and continuous security improvement. VAPT (Vulnerability Assessment and Penetration Testing) is critical to identifying security vulnerabilities […]
