NYS DFS Publishes its Investigative Report of the Twitter Hack of July 2020
1 min read
Oct 16, 2020
The New York State Department of Financial Services issued a press release on Thursday announcing the publication of its investigative report of the July 2020 Twitter hack. The exhaustive report reviews the facts surrounding the hack, provides a visual timeline, and explores the cybersecurity weaknesses at Twitter that made the hack possible, including a lack of leadership, vulnerability to social engineering, and a failure to address the new vulnerabilities caused by the pandemic-driven shift to mass remote working.
A few key report findings we are highlighting: (1) the hackers accessed Twitter’s systems by calling employees and claiming to be from the IT department; (2) the hackers duped four employees into providing log in credentials which enabled them to hijack Twitter accounts of politicians, celebrities, entrepreneurs, and several DFS-regulated crypto currency firms; (3) the hackers engaged in Bitcoin fraud causing at least $118,000 in losses; and (4) the DFS-regulated crypto currency firms – all subject to the DFS Part 500 cybersecurity regulation – responded quickly to block attempted transfers to the Bitcoin addresses used by the hackers.
At the time of the attack Twitter did not have a CISO, nor did it have adequate access controls and identify management, or adequate security monitoring. The Report identifies best practices that address the weaknesses the hack exposed and recommends, among other things, that large social media companies be designated as systemically important institutions and be subjected to prudential regulation to manage their heightened cybersecurity risk.
A copy of the release and report is available at the links below.
https://www.dfs.ny.gov/reports_and_publications/press_releases/pr202010141
Topics
Related Capabilities
Featured Insights

Webinar
Jul 14, 2026
Scott Seaman Presents on Horizontal vs. Vertical Exhaustion of Insurance

Event
July 13-15, 2026
Hinshaw Proudly Sponsors 2026 Lavender Law Conference and Career Fair

Healthcare Alert
Jul 8, 2026
A New Era of Compliance Standards for California DSOs and MSOs After the Aspen Dental Settlement

Insights for Insurers Alert
Jul 7, 2026
What Insurers Need to Know About California’s FAIR Plan Assessment Recoupment Guidance

In The News
Jul 6, 2026
Francesco Palanda’s Practical Guide for Mitigating AI-Related Business Interruption Risk

Lawyers' Lawyer Newsletter
Jun 29, 2026
Beyond Malpractice: The Rising Threat of Privacy and Statutory Claims Against Lawyers

In The News
Jun 26, 2026
Brian McGrath Discusses Far-Reaching Impact of a NY Foreclosure Ruling on Mortgage Industry

In The News
Jun 26, 2026
Jason Oliveri Discusses AI Companions in Elder Care and the Risks for LGBTQ+ Residents



