Twitter hacked; 250,000 accounts affected
NEW YORK (CNN) — Twitter is coming forward as the latest site to be hacked. The social network said in a blog post Friday afternoon that approximately 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and email addresses.
The company first detected signs of an attack earlier in the week, which led to an investigation and the discovery of a larger breach.
“This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later,” said Bob Lord, Twitter’s director of information security, in a post. “However, our investigation has thus far indicated that the attackers may have had access to limited user information.”
Twitter has reset the passwords and revoked session tokens, which allow you to stay logged into the service without re-entering a password, for all of these accounts. Affected users will not be able to log in and will receive an e-mail instructing them to reset their password. The post doesn’t go into details about the methods the attackers used, but does refer to a recent Java vulnerability. The Department of Homeland Security recently warned users about the issue and suggested they disable Java in their browsers unless “it is absolutely necessary.”
This attack follows major security breaches at the New York Times and the Wall Street Journal, which were both attributed to Chinese hackers. The New York Times suspects it was in response to negative coverage of the Chinese Prime Minister Wen Jiabao, and the Journal said evidence pointed to an attempt to “target the monitoring of the Journal’s coverage of China.” While the Twitter post does not mention China or blame the hacks on any specific country or group, it does mention the newspaper hacks.