Twitter has reported that it was the target of an effort by hackers to get illegal access to its users’ information. In a blog post, it states that somewhere around 250,000 users might have been affected, with minimal user information accessed, such as usernames, email addresses, session tokens, and encrypted/salted versions of passwords.
From the blog post: “This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users. As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts.”
This attack occurs at a time when a number of companies including The New York Times and The Wall Street Journal have reported being the targets of attacks allegedly originating from China. Twitter has not said where the attacks may have originated but said that “the attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”
Photo from Flickr use Photo Giddy, used under Creative Commons license.