
2020's Monumental Celebrity-Infused Twitter Hack: What Happened?


INTRODUCTION

Last week, Twitter users noticed a bizarre wave of tweets originating from high-profile accounts, all issuing nearly the same message:

“I am giving back to my fans. All Bitcoin sent to my address below will be sent back doubled. I am doing a maximum of $10,000,000. [redacted bitcoin address] Only going on for 30 minutes.”

Celebrities, politicians, and several legitimate organizations had their accounts hijacked to promote a cryptocurrency scam run by an underground group of adversaries. The list of compromised accounts includes those of Elon Musk, Kim Kardashian, President Obama, Bill Gates, and more. Each was asking followers to send Bitcoin to the hackers' address with the promise that double the amount would be returned.


Image courtesy of the post "The Twitter mega-hack. What you need to know" by Graham Cluley on tripwire.com



HOW HIGH-PROFILE TWITTER ACCOUNTS WERE HACKED

Supposedly, the accounts were compromised by hackers gaining access to Twitter’s administration panel, a part of Twitter’s infrastructure used by a small group of Twitter admin employees to troubleshoot problems with users’ accounts. From the admin panel, an adversary can reset the email address of any Twitter account (and so take control of the account) and disable two-factor authentication (which strips the protection of users who had enabled it).


According to Motherboard, a Twitter insider is responsible for this breach of trust. Leaked screenshots sent to Motherboard from an underground hacking community reveal that a Twitter employee was paid to compromise the platform. The screenshots show details of the victim’s Twitter account as displayed in the administration panel, including whether the account is protected, suspended, or permanently suspended.


HOW TO BETTER PROTECT YOUR TWITTER ACCOUNT

Technically, there was nothing a user could have done to prevent this attack. Suggested defenses such as enabling two-factor authentication would have been insufficient in this case, since the hackers turned 2FA off from the admin panel. The burden of improving security standards falls on Twitter.


The company cannot be blamed entirely for one of its employees going rogue. The poor judgement of one individual who let themselves be bought by hackers reflects badly on Twitter’s reputation. However, for a company that has experienced the public embarrassment of account takeovers before, internal security standards must be reassessed. As part of its incident response, Twitter should now be reevaluating the following security measures:

  • Adding more security controls to the Twitter administration panel

  • Requiring 2FA for the panel itself

  • Restricting panel access to an allowlist of IP addresses

  • Further restricting which employees may use the administration panel (a smaller group of trusted Twitter employees than before)
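An added example (not code from the original post or from Twitter) of how those controls could be enforced in a single authorization gate for the panel's privileged actions, with every attempt written to an audit log; all user names, network ranges and group memberships are constructed assumptions:

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Actions the admin panel exposes; the two named in the article are privileged.
PRIVILEGED_ACTIONS = {"reset_email", "disable_2fa"}
# Constructed sample values (hypothetical, not Twitter's real configuration).
ALLOWED_NETWORKS = [ip_network("10.20.0.0/16"), ip_network("192.0.2.0/24")]
PANEL_USERS = {"alice", "bob"}   # everyone allowed into the panel at all
PRIVILEGED_GROUP = {"alice"}     # the smaller group allowed privileged actions


@dataclass
class AdminSession:
    user: str
    source_ip: str
    mfa_verified: bool   # True only after a fresh second-factor check for the panel


@dataclass
class AuditLog:
    entries: list = field(default_factory=list)

    def record(self, session: AdminSession, action: str, target: str, reason: str) -> None:
        self.entries.append({"user": session.user, "ip": session.source_ip,
                             "action": action, "target": target, "reason": reason})


def authorize(session: AdminSession, action: str, target: str, log: AuditLog) -> bool:
    """Decide whether a panel action is allowed; log every attempt, allowed or denied."""
    if session.user not in PANEL_USERS:
        reason = "not_a_panel_user"
    elif not session.mfa_verified:
        reason = "2fa_required"
    elif not any(ip_address(session.source_ip) in net for net in ALLOWED_NETWORKS):
        reason = "ip_not_allowlisted"
    elif action in PRIVILEGED_ACTIONS and session.user not in PRIVILEGED_GROUP:
        reason = "not_in_privileged_group"
    else:
        reason = "allowed"
    log.record(session, action, target, reason)
    return reason == "allowed"


def suspicious_entries(log: AuditLog) -> list:
    """Denied attempts at privileged actions are the events a SOC would alert on."""
    return [e for e in log.entries
            if e["action"] in PRIVILEGED_ACTIONS and e["reason"] != "allowed"]
```

The point of logging denials as well as successes is that an insider probing the panel from an unexpected address or without a second factor becomes visible before any account is changed.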

However, the most important discussion that must take place is the ethics of Twitter’s employees when handling private data. The company’s standards for the CIA (Confidentiality, Integrity, and Availability) of data may have looked adequate before, but if employees are violating the confidentiality and integrity of that data, then something in Twitter’s environment needs to change. Computer ethics is a crucial part of cybersecurity training that must be practiced by every employee in every organization, regardless of the employee’s position. In order to regain the trust of users, Twitter must educate its employees about higher standards of conduct and find ways to integrate better computer ethics into employee training sessions.


The current breach can serve as a case study to educate employees on the importance of maintaining client confidentiality and integrity. Employees who practice exceptional computer ethics should be rewarded through non-monetary incentives put in place by Twitter’s leadership. Employees who do not should understand that they risk termination if they continue to ignore those standards.


CONCLUSION

Every user with a Twitter account should now be reassessing their security practices and standards. Although little could have been done to prevent this attack (which supposedly originated from within Twitter), it is still essential that users hold up their end of good security. This includes choosing long and complex passwords, enabling two-factor authentication, and being discreet about who you share your information with.

Refer to our previous posts, “How To Not Let Details About Your Privacy Slip” and “10 Easy Things You Can Do To Increase Your Personal Cybersecurity”, for more tips on account protection. Lastly, Graham Cluley, a talented security blogger and the source of information on this topic, gives a piece of vital advice that will save victims from future security incidents:

“Stop believing everything you read on twitter. Even if it comes from a company, a reality TV star, or an account with a verified tick.” -Graham Cluley

Such advice applies at all times, not only during a security breach. In conclusion, stay safe and be wary of Twitter scams!

