Twitter hacked; 250,000 users must reset their passwords
- 02 February, 2013 01:08
- Comments
Twitter's servers have been breached by "extremely sophisticated" hackers who may have made off with user names and passwords for about 250,000 users, according to the company.
Twitter said unusual access patterns led it to identify the attacks, which took place during the past week.
"We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information -- usernames, email addresses, session tokens and encrypted/salted versions of passwords -- for approximately 250,000 users," Twitter Director of Information Security Bob Lord said in a blog post.
Twitter reset the passwords and revoked session tokens for the accounts, and said it was emailing the affected users on Friday and telling them to reset their passwords.
"This attack was not the work of amateurs, and we do not believe it was an isolated incident," the company said in its post.
It noted that The New York Times and The Wall Street Journal also said they'd been targeted by hackers this week. Those companies said the attacks originated in China, but Twitter did not point to a country of origin.
Twitter said it thinks other companies and organizations have recently been similarly attacked.
It urged all its users to ensure they are using strong passwords on Twitter and elsewhere on the Internet. Passwords should be at least 10 characters and use a mix of upper- and lowercase letters, as well as numbers and symbols, the site said.
"Using the same password for multiple online accounts significantly increases your odds of being compromised," Twitter said. "If you are not using good password hygiene, take a moment now to change your Twitter passwords."
The company said it was still gathering information about the attacks and is working with federal law enforcement agencies to prosecute the attackers.
James Niccolai covers data centers and general technology news for IDG News Service. Follow James on Twitter at @jniccolai. James's e-mail address is james_niccolai@idg.com
Recommended
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
Solving the skills conundrum – part 1
-
Australia suspected to have PRISM data: Ludlam
-
Australia Post’s mail business to lose $200 million this year
-
Australia Post’s mail business to lose $200 million this year
-
Microsoft's ambivalence about Office on the Web gives Apple shot with iWork on iCloud
-
Real-Time Protection Against Malware Infection
Malware is at such high levels (more than 60 million unique samples per year) that protecting an endpoint with traditional antivirus software, has become futile. More than 100,000 new types of malware are now released every day, and antivirus vendors are racing to add new protection features to try to keep their protection levels up. Read more. -
HP Helps NEC Reduce Network Management Costs and Gain Efficiencies
NEC wanted to reduce network management costs, while increasing network visibility, decreasing mean-time-to-repair, improving stability and mitigating the risk of downtime. Download today to hear from Cameron Craig, Senior department manager of NEC on what approach they took and why. -
Mobile Load - Performance Testing for Mobile Applications
Key mobile trends and analysis on how performance testers must change their testing methodologies to ensure they are accounting for the changes caused by mobile usage. Download today.
Get exclusive access to Invitation only events CIO, reports & analysis. 
