indian_foxhound
FULL MEMBER
- Joined
- Jan 10, 2013
- Messages
- 1,827
- Reaction score
- 0
Twitter hacked, data of 250,000 users exposed - TOI Mobile | The Times of India Mobile Site
SAN FRANCISCO: Twitter said
Friday that hackers, in the latest
online attack, may have gained access to information on a quarter of a million of
its more than 200 million active users. The social media giant said in a blog posting that
earlier this week it detected attempts to gain
access to its user data. It shut down one attack
moments after it was detected. But it discovered that the attackers may have
gained access to usernames, email addresses and
encrypted passwords belonging to 250,000
users. Twitter has reset the pilfered passwords
and sent emails advising users that they'll have to
create a new one. "This attack was not the work of amateurs, and
we do not believe it was an isolated incident. The
attackers were extremely sophisticated, and we
believe other companies and organizations have
also been recently similarly attacked," the blog
said. "For that reason we felt that it was important to publicize this attack while we still
gather information, and we are helping
government and federal law enforcement in their
effort to find and prosecute these attackers to
make the Internet safer for all users." The hack is the latest high-profile cyber-attack on
US media and technology companies recently.
The New York Times and The Wall Street Journal
reported this week that their computer systems
had been infiltrated by China-based hackers. One expert said that the Twitter hack probably
happened after an employee's home or work
computer was compromised through a
vulnerability in Java, a commonly-used
computing language whose weaknesses have
been well publicized. Ashkan Soltani, an independent privacy and
security researcher, said such a move would give
attackers "a toehold" in Twitter's internal
network, potentially allowing them either to sniff
out user information as it traveled across the
company's system or break into specific areas, such as the authentication servers that process
users' passwords. In a telephone interview Friday, Soltani said that
the relatively limited number of users affected
suggested either that attackers weren't on the
network long or that they were only able to
compromise a subset of the company's servers. Twitter is generally used to broadcast messages
to the public, so the hacking might not
immediately have yielded any important secrets.
But the stolen credentials could be used to
eavesdrop on private messages or track which
Internet address a user is posting from. That might be useful, for example, for an
authoritarian regime trying to keep tabs on a
journalist's movements. "More realistically, someone could use that as an
entry point into another service," Soltani said,
noting that since few people bother using
different passwords for different services, a
password stolen from Twitter might be just as
handy for reading a journalist's emails.
SAN FRANCISCO: Twitter said
Friday that hackers, in the latest
online attack, may have gained access to information on a quarter of a million of
its more than 200 million active users. The social media giant said in a blog posting that
earlier this week it detected attempts to gain
access to its user data. It shut down one attack
moments after it was detected. But it discovered that the attackers may have
gained access to usernames, email addresses and
encrypted passwords belonging to 250,000
users. Twitter has reset the pilfered passwords
and sent emails advising users that they'll have to
create a new one. "This attack was not the work of amateurs, and
we do not believe it was an isolated incident. The
attackers were extremely sophisticated, and we
believe other companies and organizations have
also been recently similarly attacked," the blog
said. "For that reason we felt that it was important to publicize this attack while we still
gather information, and we are helping
government and federal law enforcement in their
effort to find and prosecute these attackers to
make the Internet safer for all users." The hack is the latest high-profile cyber-attack on
US media and technology companies recently.
The New York Times and The Wall Street Journal
reported this week that their computer systems
had been infiltrated by China-based hackers. One expert said that the Twitter hack probably
happened after an employee's home or work
computer was compromised through a
vulnerability in Java, a commonly-used
computing language whose weaknesses have
been well publicized. Ashkan Soltani, an independent privacy and
security researcher, said such a move would give
attackers "a toehold" in Twitter's internal
network, potentially allowing them either to sniff
out user information as it traveled across the
company's system or break into specific areas, such as the authentication servers that process
users' passwords. In a telephone interview Friday, Soltani said that
the relatively limited number of users affected
suggested either that attackers weren't on the
network long or that they were only able to
compromise a subset of the company's servers. Twitter is generally used to broadcast messages
to the public, so the hacking might not
immediately have yielded any important secrets.
But the stolen credentials could be used to
eavesdrop on private messages or track which
Internet address a user is posting from. That might be useful, for example, for an
authoritarian regime trying to keep tabs on a
journalist's movements. "More realistically, someone could use that as an
entry point into another service," Soltani said,
noting that since few people bother using
different passwords for different services, a
password stolen from Twitter might be just as
handy for reading a journalist's emails.
