“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter support wrote in a statement.
The hacks included Joe Biden, Barack Obama, Mike Bloomberg, Kanye West, Jeff Bezos and Elon Musk. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf," Twitter said.
The hackers posted tweets on accounts of politicians, celebrities, companies and others, offering to send $2,000 for every $1,000 sent to a bitcoin address.
Twitter locked down and removed the fake tweets from the hacked accounts and temporarily disabled access for all “verified” accounts while the company investigated the breach.
Twitter support said it was investigating any malicious activity the hackers conducted “or information they may have accessed and will share more here as we have it.”
The company hasn’t given any specifics about the identities of the hackers yet.
Jason Koebler, the editor of Motherboard, tweeted, "we spoke to two hackers and we were able to independently verify they were in control of hijacked accounts today. One of them said they paid the Twitter employee to help them take over accounts; not sure on the specifics here at the moment."
Publicly available bitcoin records show that the scammer account has already received hundreds of transfers totaling more than $100,000 as of 6:30 p.m. ET. The account has transferred out approximately half that amount, but experts cautioned that scammers sometimes appear to distribute money so that their accounts appear legitimate.
"This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do," Twitters added. "Internally, we’ve taken significant steps to limit access to
internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues."
Twitter support said it would only restore access to compromised accounts when the company is certain it can be done securely.
Twitter CEO Jack Dorsey tweeted it had been a “tough day” and the company feels “terrible this happened.”
Fox News' Gregg Re contributed to this report.