The hacker who compromised the Twitter accounts of celebrities such as Britney Spears and Ashton Kutcher in May, who goes by the name Hacker Croll, apparently also went straight to the top, as the same French Website he posted on in May featured documents allegedly obtained by hacking into the Twitter accounts of Twitter founder Evan Williams, his wife and several employees, as reported by TechCrunch.
According to the post on the French site (rough English translation here), Hacker Croll used password-recovery techniques to gain access to Paypal, Amazon, Apple, AT&T, MobileMe and Gmail accounts.
The hacker also claimed that he or she was able to access Twitter’s domain-name account on GoDaddy and could have redirected the social-networking site’s traffic to another IP address.
Williams responded to an email from TechCrunch:
Yes, we did suffer an attack a few weeks ago and are familiar with this list of stuff. This is unrelated to the hack of Twitter where someone gained access to users’ accounts. This had nothing to do with the security of Twitter.com, and there were no user accounts compromised here.
He did not actually gain access to my @ev Twitter account (or any Twitter accounts), nor any administrative functions of the site.
There is also no evidence that he gained access to my email. There was one administrative employee whose email was compromised, as was my wife’s Gmail account, which is where he got access to some of my credit cards and other information.
He also successfully targeted a couple of other employees’ personal accounts (Amazon, AT&T, Paypal…).
In general, most of the sensitive information was personal, rather than company-related. Obviously, this was highly distressing to myself, my wife and other Twitter employees who were attacked. It was a good lesson for us that we are being targeted because we work for Twitter. We have taken extra steps to increase our security, but we know we can never be entirely comfortable with what we share via email.