February 2, 2013
250,000 Twitter Users Affected By Hacking
redOrbit Staff & Wire Reports - Your Universe Online
Cyberattacks targeting popular microblogging website Twitter have compromised the accounts of approximately 250,000 users, officials from the San Francisco-based company announced on Friday.
According to the Wall Street Journal, Twitter revealed that the “sophisticated” attempts to gain unauthorized access to the accounts could have allowed hackers to gain access to a limited amount of data, including user names, email addresses, and encrypted passwords.
“As a result, Twitter has reset the passwords and revoked session tokens for the affected accounts,” explained PCMag.com´s Chloe Albanesius. “Those involved will receive an email from Twitter notifying them that they will have to reset their password.”
Ben Leach of The Telegraph added that those receiving the email will not be able to use their previous passwords, and that the company is advising members to make sure that they use “strong” replacement passwords.
Specifically, a statement from Twitter Director of Information Security Bob Lord explains that members should select account passwords that are at least 10 characters long; include a mix of uppercase letters, lowercase letters, numbers and symbols; and are not used for accounts at other websites, social networks, or online services.
Using the same password for more than one Internet account “significantly increases your odds of being compromised,” Lord said. He also said that Twitter was advising users to disable Java in their web browsers, and cautioned that they believe that the attack “was not the work of amateurs, and we do not believe it was an isolated incident.”
“The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,” he added. “For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”
The content of the email Twitter has sent out to those they believe have been affected was forwarded to Wired by one user, and in it, the company advises against the use of websites or other services that promise to increase the number of followers for an account. Those services, the company said, “have been known to send spam updates and damage user accounts.”
One interesting note about the attack, as pointed out by TechCrunch reporter Ingrid Lunden, is that many of those individuals targeted by the hackers were among the first users of the microblogging service, which was created in March 2006.
“Twitter´s hack announcement Friday comes in a week crowded with announcements about media companies that have been hacked,” said Wired´s Kim Zetter.
On Thursday, the New York Times revealed that hackers, believed to be based in China, had accessed their network and stolen the usernames and passwords of the newspaper´s employees, she explained. The Wall Street Journal was also targeted, according to Lord, and Lunden added that Amazon had suffered an outage earlier this week, though she added that outside sources were not believed to have been involved in that incident.