
Twitter: Our investigation is still ongoing but here’s what we know so far - jc_811
https://twitter.com/TwitterSupport/status/1283591844962750464
======
dang
This thread and the one about the Vice article at
[https://news.ycombinator.com/item?id=23853786](https://news.ycombinator.com/item?id=23853786)
are close enough that I guess we should merge them.

The main thread about the hack is
[https://news.ycombinator.com/item?id=23851275](https://news.ycombinator.com/item?id=23851275).

~~~
koheripbal
Neither has any meaningful details on the penetration itself...

> We detected what we believe to be a coordinated social engineering attack by
> people who successfully targeted some of our employees with access to
> internal systems and tools.

...this could mean anything. Seems like they simply want to portray themselves
as the victims, even though it's very possible one of their own employees was
involved.

------
chrismcb
Am I the only one confused? The "headline" offers no information, other than
there is an ongoing information. I click on the title and I see two tweets.
One says people can tweet again, the other is essentially a repeat of the
game. And that is it. Am I supposed to make up my own story now? Or read a
bunch of random tweets to figure out what these two tweets are about? Like how
is this site usable for anything? Reading the comments here, it seems someone
hacked some twitter Asia , but that is all I've gleaned so far.

~~~
carrolldunham
they made the completely user-unfriendly decision that when you're signed out
at least, linked tweets you land on do not unfold the replies below, but
rather some facebook-tier 'you may like' type unrelated garbage. You have to
click the tweet again, to go to the same url (!) but with the normal display

------
jdminhbg
> Once we became aware of the incident, we immediately locked down the
> affected accounts and removed Tweets posted by the attackers.

@elonmusk was posting and deleting the scam tweets for hours. In what world is
that "immediate"?

~~~
Andrex
In the world where they're trying to mitigate PR outrage and legal fallout.

------
sch00lb0y
Shameless plug: All the companies(Google, Microsoft...) are telling trust us.
But, I believe that we should trust us instead of relying on third parties.
They always change when businesses interest changes. This is where web3 is
coming to play. Technologies like IFFS, safe network are coming. Looking at
the scale issue, I guess this web3 takes at least 5 more years. But, this kind
p2p technology is possible with small-scaled mesh. Mesh networks within our
devices or families. From the beginning, I hate the idea of storing passwords
in the third-party password manager. Later, I fell into the same trap because
a managing lot of passwords is difficult. So, I building an open-source p2p
password manger. Replicates the passwords within your devices, instead of
storing everything at the vendor's cloud. It's half-way for the closed beta
release. I would like to hear everyone's feedback on this idea.

Thanks

