Change your password! Twitter reports 250,000 users had their personal data stolen by hackers [DETAILS]

As many as a quarter of a million Twitter users may have had their personal details stolen by hackers, after the social media giant became the latest victim in a string of high-profile cyber attacks.

Twitter, which has over 200 million active users worldwide, admitted in a blog posting earlier this week it had detected attempts to gain access to its user data.

While the site shut down one attack moments after it was detected, it discovered the ‘extremely sophisticated’ hackers may have managed to access user names, e-mail addresses and encrypted passwords belonging to 250,000 users.

Hacked: Twitter said Friday that it had become the latest victim in a number of high-profile cyber-attacks against media companies, saying that hackers may have gained access to information on 250,000 of its more than 200 million active users
Hacked: Twitter said Friday that it had become the latest victim in a number of high-profile cyber-attacks against media companies, saying that hackers may have gained access to information on 250,000 of its more than 200 million active users

Twitter reset the pilfered passwords and has said all affected users would receive an e-mail notifying them that they need to create a new password.

SILENT THREAT: TWITTER JOINS GROWING LIST OF CYBER ATTACK VICTIMS

Twitter is not the only media company frantically reassessing its information security; U.S. firms including The New York Times, The Wall Street Journal and the Washington Post have also fallen victim to hackers.

The American publications say their computer systems were targeted by hackers in China.

The New York Times revealed its computer systems were infiltrated over a period of four months, during which time its reporters were investigating the huge fortune of Chinese premier Wen Jibao.

The newspaper believes the hackers were trying to monitor its coverage of the premier – a claim denied by the Chinese government.

Meanwhile the Wall Street Journal announced it had carried out a complete overhaul of its systems after discovering it too had been the target of China-based cyber attacks.

It said the hackers who breached its system were also trying to gain information about reporting activity and sources being used for the publication’s China coverage.

Yesterday the Washington Post revealed it had brought in consultants from the National Security Agency and the Defense Department after hackers targeted three servers and numerous desktops for more than half of last year.

It also alleges Chinese hackers were behind the prolonged breach.

The network was awash with tweets about the cyber attack today as the extent of the security breach came to light.

One user, under the handle @BacardiKid, posted: ‘If there are strange things going on with your account it’s because Twitter has been hacked – big time!’

The online attack comes on the heels of recent hacks into the computer systems of U.S. media and technology companies, including The New York Times and The Wall Street Journal.

Both American newspapers reported this week that their computer systems had been infiltrated by China-based hackers, likely to monitor media coverage the Chinese government deems important.

Bob Lord, Twitter’s director of information security, said the breach was the work of ‘extremely sophisticated’ attackers.

‘This attack was not the work of amateurs, and we do not believe it was an isolated incident… and we believe other companies and organisations have also been recently similarly attacked,’ he said in a blog post.

‘For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users,’ Mr Lord added.

China has been accused of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics.

The Chinese foreign ministry could not be reached for comment Saturday, but the Chinese government has said those accusations are baseless and that China itself is a victim of cyber-attacks.

‘Chinese law forbids hacking and any other actions that damage Internet security,’ the Chinese Defense Ministry recently said. ‘The Chinese military has never supported any hacking activities.’

Twitter users' details compromised
Professional job: Twitter said in its blog that the attack 'was not the work of amateurs, and we do not believe it was an isolated incident.' (Twitter's CEO Twitter Dick Costolo pictured)
Professional job: Twitter said in its blog that the attack ‘was not the work of amateurs, and we do not believe it was an isolated incident.’ (Twitter’s CEO Twitter Dick Costolo pictured)

Gauging the damage: Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets
Gauging the damage: Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets

One expert said that the Twitter hack probably happened after an employee’s home or work computer was compromised through vulnerabilities in Java, a commonly used computing language whose weaknesses have been well publicized.

Ashkan Soltani, an independent privacy and security researcher, said such a move would give attackers ‘a toehold’ in Twitter’s internal network, potentially allowing them either to sniff out user information as it traveled across the company’s system or break into specific areas, such as the authentication servers that process users’ passwords.

Twitter cyber attack

In a telephone interview on Friday, Soltani said that the relatively small number of users affected suggested either that attackers weren’t on the network long or that they were only able to compromise a subset of the company’s servers.

Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets.

But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.

That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist’s movements.

‘More realistically, someone could use that as an entry point into another service,’ Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist’s emails.

Sophisticated hackers: 'The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,' Twitter's blog read
Sophisticated hackers: ‘The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,’ Twitter’s blog read

Daily Mail UK

Leave a reply

Your email address will not be published. Required fields are marked *

cool good eh love2 cute confused notgood numb disgusting fail