Twitter said Wednesday that hackers responsible for a high-profile beach last week had access to the direct messages of 36 users, including one elected official in the Netherlands, offering a concerning look into how much information was accessed in the hack.
Twitter said 36 out of the total 130 accounts that were targeted had their direct message inbox accessed by the hackers.
The company said one elected official in the Netherlands had their direct messages breached, but it believes that no other current or former elected officials had their messages accessed.
Hackers last week hijacked accounts belonging to dozens of high-profile figures, including Michael Bloomberg, Warren Buffett and Elon Musk, to tweet out an unsophisticated bitcoin scam.
Twitter has since said the hackers were able to tweet from 45 accounts, downloaded data from eight non-verified accounts using the “Your Twitter Data” tool and could view personal information such as emails and phone numbers for all the accounts targeted.Though the hack was expansive and affected some of the world’s most powerful people, the hackers behind the breach were young, individual actors who wanted to sell coveted Twitter handles such as “@y,” according to the New York Times. Twitter said the hackers got access to its internal systems with a successful “social engineering” attack on several employees. Social engineering is a technique used by hackers to dupe users into clicking on malicious links or giving away sensitive data by crafting fake emails or other messages.