In an update to its ongoing investigation into yesterday’s massive hack, Twitter said it found no evidence that hackers had gained access to user passwords.
As a result of this finding, the social network does not plan to reset any user passwords going forward as a result of yesterday’s incident when intruders broke into hundreds of high-profile accounts to promote a Bitcoin scam.
Twitter said the hack took place after a third-party group executed “a coordinated social engineering attack” against its employees to gain access to its backend and used internal tools to send out tweets on behalf of verified high-user-count profiles.
Defaced accounts included profiles for former US President Barrack Obama, former US Vice-President Joe Biden, celebrities like Kanye West and Kim Kardashian, but also tech companies like Apple and Uber.
Twitter stopped the attack yesterday by blocking verified accounts from sending out new tweets before rooting out the hackers from its backend.
Verified accounts were locked for a few hours before being reinstated.
Today, Twitter also blocked all of its users from tweeting strings that featured formatting similar to a Bitcoin address, making the job of some security analysts and code developers harder, as the measure also blocked some of their workflows that featured similar-looking strings (such as file hashes and Git file paths).
In an update to its investigation today, Twitter also said it blocked some users from changing their passwords, a measure it took to prevent account hijacking as a result of yesterday’s hack.
Only Twitter accounts that changed their password in the last month were affected by this last measure.
Twitter said its investigation is ongoing. US law enforcement agencies are also looking into the incident.
Some issues with Twitter’s investigation remain, such as if hackers had access to user’s private messages, a question Twitter has been dodging.