GOP lawmakers demand Twitter brief Congress on hack

The Senate Commerce Committee chairman and the top Republican on the House Oversight and Reform Committee on Thursday demanded Twitter brief lawmakers on the unprecedented hack that compromised the accounts of prominent celebrities and politicians, including presumptive Democratic presidential nominee Joe Biden and former President Obama.

In separate letters to Twitter CEO Jack Dorsey, the lawmakers said the breach represented a “failure” of the company’s internal controls. Sen. Roger Wicker (R-Miss.), chairman of the Senate commerce panel, called on Twitter to brief the committee staff by July 23 about the incident and the company’s response.

Rep. James Comer (R-Ky.), the ranking member of the House Oversight panel, said in his letter that Wednesday’s breach of the social media platform had the “potential to jeopardize national and economic security and disrupt the lives of millions of Americans.” He urged Dorsey to brief members of the House committee by July 24 and provide a list of answers providing clarity on what the hackers accomplished. 

Wednesday’s attack is likely the largest ever on Twitter’s security system. In a matter of minutes, the Twitter accounts of Biden, Obama, Tesla CEO Elon Musk, Amazon CEO Jeff Bezos and Microsoft founder Bill Gates had been breached as part of an apparent bitcoin scheme. Those who infiltrated the accounts shared similar messages asking people to transfer bitcoin payments to a certain bitcoin wallet. 

Twitter said late Wednesday that the perpetrators likely launched a “coordinated social engineering attack” that successfully targeted some employees who have access to internal systems and tools. 

“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf,” the company said. “We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”

The breach of the social network raised alarms in Washington, given the widespread use of the network in the U.S. Wicker argued it isn’t difficult to imagine similar attacks being deployed to spread disinformation and sow discord. Comer also cited President Trump’s frequent Twitter use in his letter to Dorsey to emphasize how consequential breaches of the platform could be. Trump’s account was not visibly compromised Wednesday.

Comer asked Dorsey to brief lawmakers on how many employees were targeted in the hack and to provide answers on what type of training staffers receive when it comes to cyber attacks. He also requested information on whether the hacking was committed by a foreign adversary or a private entity. 

Several lawmakers have echoed Comer and Wicker’s concerns since the breach occurred. Sen. Josh Hawley (R-Mo.), an outspoken critic of Big Tech, said that a “successful attack on [Twitter] system’s servers represents a threat to all of your users’ privacy and data security.”

Sen. Ron Wyden (D-Ore.) voiced fears about if hackers gained access to Twitter direct messages, saying that if that was the case, “this breach could have a breathtaking impact for years to come.”

While it’s still not clear if the hackers gained access to Twitter DMs, this is a vulnerability that has lasted for far too long and isn’t present in other competing platforms. If hackers gained access to users’ DMs, this breach could have a breathtaking impact for years to come.

— Ron Wyden (@RonWyden) July 16, 2020

The FBI is reportedly leading a federal inquiry into the incident. New York Gov. Andrew Cuomo (D) has also directed state agencies to launch a probe into the matter. 

Updated: 2:35 p.m.