Twitter hack: What to do about the cyber attack that hit everyone from Kanye West to Barack Obama

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Twitter has been hit probably the biggest security incident in its history, with the accounts of everyone from Kanye West to Barack Obama being taken over to post similar messages.

The tweets instructed users to send bitcoin to a specific address, on the false promise that they would receive more of it back in return. Such cryptocurrency scams are popular on Twitter – but have never been carried out on such a spectacular scale before.

All of the affected tweets appear to have been sent by verified accounts, who have since had the posts removed and their logins secured once again. But the hack could have lasting implications for anyone who used the site.

Twitter has admitted that the attack was not any specific account but rather on its own systems. Once the hacker had gained access through someone who works at Twitter, it appears they were able to post to the accounts.

It also said that the hackers could have conducted other malicious actions or gained access to otherwise private information. It did not elaborate what those actions or that information may have been, and suggested that it will not know until further investigation is carried out.

But security experts have noted that the amount of money reclaimed through the bitcoin scam was relatively limited, and that the attackers would probably have had the ability to carry out far more damaging and widespread actions. Some have even suggested that the cryptocurrency part of the hack could have been used as a distraction for whatever other aim the attackers had.

It is that fact, however, that means the hack could potentially cause problems for anyone who uses the site – not only for those whose accounts were caught up in the bitcoin scam, or even those who are verified, but anyone at all may theoretically have had their details compromised in the hack.

The vague nature of the potential attack does however also mean that it is hard to defend against it, or to anticipate whatever may have happened. Without knowing what might have been compromised, it is hard to secure it too.

As such, there is little way to know whether anything has happened to your account beyond staying attuned to any announcements coming from Twitter, and any reporting around what happened in the attack. For the time being, there has been nothing from either the company itself or any reliable reports that definitively indicates anyone's accounts were tampered with beyond the cryptocurrency tweets.

Beyond that, it is worth taking the normal security measures used with any login on any other site. Ensure that the password is secure, and that two-factor authentication is turned on, and keep an eye out for any suspect activity both on Twitter or anywhere else that could indicate that personal information has been stolen.