Around 250,000 Twitter accounts compromised

February 2, 2013

Micro-blogging site Twitter has over the last few hours warned that it detected a live attack on its systems, in which unknown miscreants attempted to gain unauthorized access to data on the site. While Twitter was able to shut down the attack soon after it was noticed, it has said that data for approximately 250,000 users could have been accessed. The statement makes clear that the information targeted included user names, email addresses, session tokens used to keep track of what logged-in users do on Twitter, and encrypted passwords with the random data used to “salt” them for improved security. Luckily, my account was not one of those affected and I have been Tweeting on my account @contadoharrison before and after the statement from Twitter.

Twitter has reset the passwords and revoked session tokens for the accounts affected by the attack. Twitter users whose accounts may have been compromised will have to create a new password when they next log in to Twitter. Twitter always encourages its users to choose strong passwords when signing up, at least ten characters long and a mix of alphanumeric symbols. Twitter also encourages users to disable Oracle’s Java on their computers, since so many attackers have been using it to launch their attacks, although at the moment it is not known whether a Java exploit was behind this attack. According to Twitter, the attack was not the work of amateurs, and the company does not believe it was an isolated incident: the attackers were extremely sophisticated, and Twitter believes other companies and organizations have recently been similarly attacked.

Contador Harrison