News Column

Twitter Hackers Gain Access to 250,000 Passwords, Emails

Feb. 4, 2013

Pete Carey, San Jose Mercury News


Twitter said Friday that it had been attacked by "sophisticated" hackers who had obtained email addresses and passwords of 250,000 users.

The popular social media site canceled passwords for the users and sent them emails advising them how to create a new password.

The attack "was not the work of amateurs, and we do not believe it was an isolated incident," said Bob Lord, director of security at Twitter, in the blog post.

"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still

gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."

The attack was spotted when Twitter security saw "unusual access patterns" that showed someone making unauthorized attempts to access Twitter user data, Lord reported.

"We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information -- user names, email addresses, session tokens and encrypted/salted versions of passwords -- for approximately 250,000 users."

Other news organizations have been attacked

recently. The New York Times disclosed a sophisticated attack it attributed to Chinese-based hackers. The Wall Street Journal followed with a report that it also had been attacked. Bloomberg has also been a target.

Source: (c)2013 San Jose Mercury News (San Jose, Calif.). Distributed by MCT Information Services.

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters