Hackers implemented a rather complex scheme. They attacked some employees to gain access to the internal system of the social network and then switch to others with broader powers

Hackers were able to hack Twitter using a phishing attack on employees ' mobile devices, representatives of the social network said in their official blog. This refers to a deliberate attempt to steal information, such as account information or Bank card information, from a specific person.
Initially, the attackers focused on employees who did not have the ability to manage user accounts. After obtaining the necessary data, hackers were able to get into the internal network of the system. This allowed us to get information about employees with broader powers and attack them already.

Thus, the criminals got access to the internal tools of the social network. Thanks to this, they were able to attack 130 Twitter user accounts, posting messages on behalf of 45. In the case of 36 accounts, hackers opened personal correspondence and downloaded an archive of personal data from 7 people.