Twitter says hackers compromise 250,000 accounts
3 posters
Page 1 of 1
Twitter says hackers compromise 250,000 accounts
SAN FRANCISCO (AP) — The social media giant Twitter acknowledged that it has become the latest victim in a number of cyber-attacks against media companies, saying hackers may have gained access to information on 250,000 of its more than 200 million active users.
The company said a blog post on Friday it detected attempts to gain access to its user data earlier in the week. It shut down one attack moments after it was detected. But Twitter discovered that the attackers may have stolen user names, email addresses and encrypted passwords belonging to 250,000 users they describe as 'a very small percentage of our users." Nonetheless, the company reset the pilfered passwords and sent emails advising the affected users.
The online attack comes on the heels of recent hacks into the computer systems of U.S. media and technology companies, including The New York Times and The Wall Street Journal. Both American newspapers reported this week that their computer systems had been infiltrated by China-based hackers, likely to monitor media coverage the Chinese government deems important.
China has been accused of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics. The Chinese foreign ministry could not be reached for comment Saturday, but the Chinese government has said those accusations are baseless and that China itself is a victim of cyber-attacks.
"Chinese law forbids hacking and any other actions that damage Internet security," the Chinese Defense Ministry recently said. "The Chinese military has never supported any hacking activities."
Although Bob Lord, Twitter's director of information security said in the blog that the attack "was not the work of amateurs, and we do not believe it was an isolated incident."
"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," Lord said. "For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."
One expert said that the Twitter hack probably happened after an employee's home or work computer was compromised through vulnerabilities in Java, a commonly used computing language whose weaknesses have been well publicized.
Ashkan Soltani, an independent privacy and security researcher, said such a move would give attackers "a toehold" in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.
In a telephone interview Friday, Soltani said that the relatively small number of users affected suggested either that attackers weren't on the network long or that they were only able to compromise a subset of the company's servers.
Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.
That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.
"More realistically, someone could use that as an entry point into another service," Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist's emails.
Got JAVA? Uninstall it.
The company said a blog post on Friday it detected attempts to gain access to its user data earlier in the week. It shut down one attack moments after it was detected. But Twitter discovered that the attackers may have stolen user names, email addresses and encrypted passwords belonging to 250,000 users they describe as 'a very small percentage of our users." Nonetheless, the company reset the pilfered passwords and sent emails advising the affected users.
The online attack comes on the heels of recent hacks into the computer systems of U.S. media and technology companies, including The New York Times and The Wall Street Journal. Both American newspapers reported this week that their computer systems had been infiltrated by China-based hackers, likely to monitor media coverage the Chinese government deems important.
China has been accused of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics. The Chinese foreign ministry could not be reached for comment Saturday, but the Chinese government has said those accusations are baseless and that China itself is a victim of cyber-attacks.
"Chinese law forbids hacking and any other actions that damage Internet security," the Chinese Defense Ministry recently said. "The Chinese military has never supported any hacking activities."
Although Bob Lord, Twitter's director of information security said in the blog that the attack "was not the work of amateurs, and we do not believe it was an isolated incident."
"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," Lord said. "For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."
One expert said that the Twitter hack probably happened after an employee's home or work computer was compromised through vulnerabilities in Java, a commonly used computing language whose weaknesses have been well publicized.
Ashkan Soltani, an independent privacy and security researcher, said such a move would give attackers "a toehold" in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.
In a telephone interview Friday, Soltani said that the relatively small number of users affected suggested either that attackers weren't on the network long or that they were only able to compromise a subset of the company's servers.
Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.
That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.
"More realistically, someone could use that as an entry point into another service," Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist's emails.
Got JAVA? Uninstall it.
fixin_dixon- Newbie
- Posts : 10
Join date : 2013-01-26
Re: Twitter says hackers compromise 250,000 accounts
Cyber attacks that we cannot comprehend "are looming"
Business, public services, economic structure, communication, & other phases of our life will be affected
I suggest everyone enable themselves to be able to sustain thirty days
living in all phases possible, Of course thirty is arbitrarily picked...
Essentials such as water, basic food, medicines, etc
Business, public services, economic structure, communication, & other phases of our life will be affected
I suggest everyone enable themselves to be able to sustain thirty days
living in all phases possible, Of course thirty is arbitrarily picked...
Essentials such as water, basic food, medicines, etc
sundown- Share Holder
- Posts : 565
Join date : 2012-05-16
Re: Twitter says hackers compromise 250,000 accounts
How's that bunker coming along,sundown?
viajero- Share Holder
- Posts : 5755
Join date : 2011-07-26
Location : San Pedro de los Saguaros
Humor : Twain
Re: Twitter says hackers compromise 250,000 accounts
Bunker is probably a good idea to protect myself from the people that are not prepared, especially those that believe in "spread the wealth"
sundown- Share Holder
- Posts : 565
Join date : 2012-05-16
Re: Twitter says hackers compromise 250,000 accounts
Well what are you waiting for,time's running out,better start digging.
viajero- Share Holder
- Posts : 5755
Join date : 2011-07-26
Location : San Pedro de los Saguaros
Humor : Twain
Re: Twitter says hackers compromise 250,000 accounts
In case you did not read my original post, but only my name, I stated cyber attack. Possibly you are not cognizant of the difference and need some help in understanding the difference
A Cyber attack affects only communication systems,. I am aware that you are well informed on other modes of attack.
A Cyber attack affects only communication systems,. I am aware that you are well informed on other modes of attack.
sundown- Share Holder
- Posts : 565
Join date : 2012-05-16
Similar topics
» checking accounts
» Mexico Bank Accounts
» Money taken from bank accounts
» Why Yahoo Mail Accounts Are Being Hijacked
» Widespread Hacking of Yahoo Email Accounts?
» Mexico Bank Accounts
» Money taken from bank accounts
» Why Yahoo Mail Accounts Are Being Hijacked
» Widespread Hacking of Yahoo Email Accounts?
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum