No Evidence Account Passwords Were Accessed — Twitter Hack


The list of accounts commandeered simultaneously grew rapidly to include Joe Biden, Barack Obama, Uber, Microsoft co-founder Bill Gates, bitcoin specialty firms and many others.

The hackers, Twitter said, used this access to take control of many high-profile accounts and masquerade as their owners.

"I am giving back to my community due to COVID-19. Only doing this for 30 minutes". The message provided a link of letters and numbers for followers to donate their bitcoins.

Obviously, this was a scam, and not the work of the former vice president. Also, the people who rely on those systems - both to communicate and inform themselves - might be expected to be more on guard.

Comparing the screenshot with the other real tweets from big public figures was the best way of identifying fakes.

The coordination alarmed cybersecurity researchers, though they saw the damage as minor given the circumstances.

Twitter's blue check mark system, which indicates verified accounts, is supposed to show that a user is authentic. "As this investigation is ongoing, we will not be making further comment at this time". Because of this, users were more likely to place their trust in the CryptoForHealth website or the provided Bitcoin address.

"While this scheme appears financially motivated... imagine if these bad actors had a different intent to use powerful voices to spread disinformation to potentially interfere with our elections, disrupt the stock market, or upset our worldwide relations", US Senator Ed Markey, a Democrat, said in a statement.

Most if not all these accounts were Twitter verified, and between them they shared tens of millions of followers.

Late Wednesday, Twitter said the hack was the result of a "coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools".

Several prominent Twitter accounts, including those of former U.S. president Barack Obama, Tesla CEO Elon Musk and Microsoft co-founder Bill Gates, were hacked apparently to promote a Bitcoin scam in what the microblogging site believes to be a "coordinated social engineering attack".

As of 8 PM on Wednesday, Twitter has not published any details on the attack, how it was carried out, or what personal information was compromised.

It appears to have been an attempt at a virtual heist.

The scam resulted in users losing more than $100,000 in cryptocurrency sent to prominent accounts who promised they would double and return any funds they were sent.

Bitcoin addresses come in three formats: P2PKH, P2SH, and bech32.

Motherboard claimed that the people involved in Wednesday's attack were sharing screenshots of a Twitter admin tool apparently used in the attack. According to LinkedIn, Twitter's last CISO, Mike Convertino, left Twitter in December. The funds were then sent to 12 new addresses, where they are now sitting.

Whoever was behind the hack, it turned out to be somewhat profitable, netting an estimated $121,000 in bitcoin payments.

One cyber-security expert said that the breach could have been a lot worse in other circumstances.

Now, new information suggests that the hack may have been perpetrated by those involved in SIM Swapping, an attack which involves tricking or bribing mobile carrier employees into transferring an individual's phone number to a hacker's SIM card.

Another theory for Trump's absence might be the motivations of the attackers. The tool was supposedly used to change account email addresses, which then enabled control over target profiles.

Several journalists appear to have also been locked out of their Twitter accounts, including Politico reporter Lara Seligman, Daily Beast editor-at-large Molly Jong-Fast, and BuzzFeed Social Media strategist Josh Billinson. A second source alleged they paid the employee to assist them with the heist.

Access to the employee tool could have spread beyond that group. Those tools generally allow employees to suspend or deactivate accounts, but do not let them tweet from people's accounts, the WSJ stated.

Obviously, there are concerns around how secure Twitter is at the moment.

Twitter further noted it had locked some accounts that recently switched around their login information "out of an abundance of caution", further cautioning that "if your account was locked, this does not necessarily mean we have evidence that the account was compromised or accessed".

This may take additional time, Twitter cautioned, since the company is taking extra steps to confirm that it's granting access to the rightful owner.
