Twitter: “250,000 Users Were Hacked, Our Bad”
Earlier this week, hackers gained access to Twitter’s internal systems and stole information, compromising 250,000 accounts before the breach was stopped.
Bob Lord, the company’s manager of network security, reported the incident on Twitter’s official blog Friday.
Twitter is resetting passwords for the affected users.
Twitter’s Lord did not specify the method by which hackers penetrated its system. However, he mentioned vulnerabilities related to Java in Apple’s Safari Web browser and Mozilla’s Firefox browser, and noted an advisory from the U.S. Department of Homeland Security that users disable Java on their computers.
There are also suggestions in Lord’s post that the hacking attempt was organized, and possibly linked to recent cyberattacks on other media institutions like the Wall Street Journal and the New York Times. Lord wrote:
This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.
The New York Times recently reported that Chinese hackers linked to state or military institutions have been hacking its systems.
We’ve asked Twitter to clarify if it believes that the attack originated with hackers linked to any nation’s government or military and we’ll update this post if we hear back.
Twitter hired Lord, an industry veteran who had previously worked at Netscape and Red Hat, in 2010 to upgrade its security. The information-broadcasting service has about 200 million users.
Tags:AttackersBob LordBreachBroadcasting ServiceChinese HackersCyberattacksDepartment Of HomelandDepartment of homeland securityFirefox BrowserIndustry VeteranMedia InstitutionsMilitary InstitutionsNetwork SecurityNew York TimesRed HatSafari Web BrowsertwitterU S DepartmentU.S. Department of Homeland SecurityWall Street Journal