2/04/2013

250,000 users’ passwords stolen From Twitter by hackers


The social networking site (Twitter) has warned that A quarter million its users may have had their passwords and email addresses stolen by hackers. This is the biggest ever security breach which has affected Twitter, which has 200 million active users, and highlights growing concerns over the danger of so-called cyber attacks.

There is also a risk that Twitter's "internal network" has been compromised by the hacking, which could potentially compromise other information. But security experts cautioned that the hackers may have a potentially valuable cache of information, as many people's Twitter passwords are identical to those they use for other purposes, including banking. This has come after Twitter warned earlier this week of attempts to gain access to its user data. It said that it shut down one attack moments after it was detected.

The relatively small number of users affected suggested either that those attackers weren't on the network long or that they were only able to compromise a subset of the company's servers, he said.

An expert said that the Twitter hack probably happened after an employee's home or work computer was compromised through vulnerabilities in Java. Ashkan Soltani, an independent privacy and security researcher, also said that such a move would give attackers "a toehold" in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.

Bob Lord, Twitter's director of security told users to make sure that they use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols. He further encouraged them to take the opportunity of ensuring that they follow good password hygiene, on Twitter and elsewhere on the internet.

Twitter said in updated in its blog that the attack was not the work of amateurs, and they do not believe it was an isolated incident. For that reason, Twitter decided that it was important to publicize the attack while they still gather information, and are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the internet safer for all users.

Twitter is generally used to transmit messages to the public, so the hacking might not immediately have yielded any important secrets. But the stolen credentials could be used to ear-drop on private messages or track which internet addresses a user is posting from

0 comments:

Post a Comment