Twitter Hacked – 250,000 User Accounts Compromised – Tips to Account Safety
It is no longer a kind of surprise to hear big companies get caught in lower security measure against their users’ data. Facebook has once been hacked, leading to thousands of user’s personal details compromise, while some other sites such PayPal, the popular and most controversial payment processing site, have once experienced brute-force attack from hackers.
The latest victim of such kind of attacks is Twitter – the popular social networking site. Twitter has officially announced in a blog post that some hacker group have been able to compromised around 250,000 twitter accounts.
Twitter said the attempts was planned at Twitter owing to recent hacking attempts on some other high ranking websites; the New York Times, the Wall Street Journal, and now Twitter all in two weeks.
Does that mean your account has been compromised?
Although, there’s nothing much to worry yourself, Twitter is in control!
Presently, we cannot say if this would affect your account or not, but to know if you’re involved or not, please check your email because Twitter have reset all accounts deemed hacked immediately they noticed the uncommon account access.
The Director of Information Security at Twitter, Bob Lord, said, “the attack was not the handy work of small hackers, and it Twitter is not the only target. The hackers were strong players in the business, and had had a successful attack on other big companies and organizations. That is why we publicized the attack and we are presently working with the government and the federal law agencies to frustrate these attackers and make the internet a safe place.”
The Chinese government has been accused to be the brain behind these occurrences, but Twitter is yet to produce an evidence linking the cyber attack to China, but it claimed that one moment it discovered a live attack, it quickly shut down the process.
This attack is not the first Twitter will be experiencing, around last May, about 55,000 accounts were also compromised with celebrities being the major target. Twitter sent out another Email in November warning its users of a possible account compromise.
Twitter once they detected an unusual account access pattern had shut down the process just moments after it was launched rescuing millions of twitters.
Also those accounts which were compromised have less worry as their passwords have been reset and the main Email account associated with the Twitter account has been notified asking a new password.
The scenario is much worse for those people who keep one single password for all their online properties such as EMail Accounts, Other Social Network accounts etc. Hence it is best advised to keep a separate password for each online account so that even if one account gets in the wrong hands, The other will stay safe.
This is a sample of an Email sent by Twitter:
The attackers have had access to usernames, email addresses, session tokens and encrypted/salted versions of passwords for these 250,000 accounts and that in itself is a huge risk. These data that have been stolen can be used to build databases/password lists.
Further more if a compromised user, when asked to change his password sets his old password again then the whole point of a password reset becomes invalid, I am not sure if Twitter allows using old password again.. But in my opinion if they allow then it can pose a huge risk.