Seems like a lot of US companies, particularly media companies, are being attacked recently. Some of the recent slew of attacks in the past year include the New York Times and Wall Street Journal, as well as the Washington Post even. Now, looks like Twitter has had a bit of a compromise of approximately 250,000 accounts.
Bob Lord, the Director of Information Security at Twitter stated that any accounts that were compromised, the data at risk includes usernames, email addresses, session tokens and encrypted/salted passwords:
“This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.”
They have reset passwords and reset session tokens for the accounts that were compromised. How do you know if your account is compromised?
Some last words in the blog by Bob Lord include, “This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”
We’d agree with him, it had to be pretty darn sophisticated. Even though that would be a small number compared to their extremely large userbase, that is still a lot of accounts statistically speaking. No doubts.
Read more about this on the Twitter blog.
Error: Twitter did not respond. Please wait a few minutes and refresh this page.