Twitter said in Saturday that hackers "manipulated" some of its employees to access accounts in a high-profile attack this past Wednesday, and apologized profusely for the breach, AFP reports.
Posts trying to dupe people into sending the hackers Bitcoin were tweeted by the official accounts of Apple, Uber, Bill Gates, Joe Biden, Elon Musk and many others, forcing Twitter to lock large numbers of accounts in damage control.
The hack has also raised questions about Twitter's security as it serves as a megaphone for politicians ahead of November's election.
More than $100,000 worth of the virtual currency was sent to email addresses mentioned in the tweets, according to Blockchain.com, which monitors crypto transactions.
"We know that they accessed tools only available to our internal support teams to target 130 Twitter accounts," said a statement posted Saturday on Twitter's blog.
For 45 of those accounts, the hackers were able to reset passwords, login and send tweets, it added, while the personal data of up to eight unverified users was downloaded.
Twitter said it was aware of its responsibility to its users and to society in general.
"We're embarrassed, we're disappointed, and more than anything, we're sorry," the company stated.
"We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice."
Twitter locked down affected accounts and removed the fraudulent tweets. It also shut off accounts not affected by the hack as a precaution. Most of those have now been restored, it said on Saturday.
For the 130 accounts that were accessed, Twitter said the hackers were able to see personal information including email addresses and phone numbers.
In cases where hackers took over an account, they may have been able to view "additional information," Twitter said without going into detail.
The attack was carried out by a group of young friends -- one who lives with his mother -- with no links to state or organized crime, The New York Times reported on Friday.
The paper said it interviewed four people who participated in the hacking, who shared logs and screenshots backing up their accounts of what happened.
Twitter said it is limiting the information it makes public about the attack while it carries out "remediation steps" to secure the site, as well as training employees to guard against future hacking attempts.