Twitter did not comment on a report by Motherboard that included a picture of its internal tools, and cited anonymous sources in the SIM swapping community that said an insider did the work for them. TechCrunch reports that a hacker named “Kirk” contacted forum posters on OGUsers, a site frequented by people who trade in popular social media handles, saying he needed help selling stolen vanity usernames. Their source indicated that it was unlikely a Twitter employee was involved, but one way or another, “Kirk” had access to internal tools and moved on to performing account takeovers later in the day.
Twitter also said that it’s investigating “what other malicious activity they may have conducted or information they may have accessed.” Based on the hackers ability to completely take over accounts, and the number of accounts they accessed, there’s speculation that they could have broken into virtually anyone’s account to see information stored as drafts or direct messages. We’ll continue to update this post as we learn more about what happened.