On Friday, Twitter announced that they had spotted “unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data”. After discovering one live attack they managed to shut it down a few minutes later but it was too late to stop the hackers gaining access. It’s believed that the main groups of people affected are those who signed up in 2007.
Twitter’s director of information security had this to say on the matter:
“Our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users. As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts. This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”
Source
Twitter has said that they believe the attacks were made through Java and both Apple and Mozilla have now turned this off in their browsers to reduce the risks of an attack on their systems.
