After discovering the hack, Twitter temporarily blocked verified accounts from posting new tweets to prevent further damage. The social media firm investigated the incident and believes the hack was the result of social engineering. In a series of tweets, Twitter reveals attackers targeted some employees with access to internal systems and tools.
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
— Twitter Support (@TwitterSupport) July 16, 2020
ARS Technica notes the attackers could have done much worse than promoting a Bitcoin scam:
The compromise raises serious national security concerns because of the potential it had to sow panic and chaos. With control of virtually Twitter account, the attackers could have hijacked those belonging to President Trump or government agencies and done much worse than replay a cryptocurrency scam that has been going on for years. Twitter eventually contained the mass compromise but only after a flood of scam messages steadily flowed out of the social media site over several hours.