Twitter announced in a blog post today that it recently detected “unusual access patterns” — meaning it was being hacked.
The company was able to shut down one attack while it was in progress, but discovered that up to 250,000 accounts had been compromised. Hackers got away with usernames as well as session tokens and hashed passwords. As a safety measure, Twitter says it invalidated the affected session tokens and reset the compromised accounts.
“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” said Bob Lord, Twitter director of information security in the blog post. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information.”
Companies tend not to discuss attacks as they happen so as to not tip off the hackers or disrupt an investigation. In the wake of both The New York Times and the Wall Street Journal admitting to hacks, it seems now is not the time to keep quiet. Lord went on to say that Twitter is “helping government and federal law enforcement in their effort to find and prosecute these attackers” and further urged people to turn off Java after a number of critical vulnerabilities were found in the Oracle product.
If your account was compromised, you have likely been notified already or will be soon. Twitter says you will need to reset your password, as you will no longer have access to your account as it stands.
Twitter did, however, choose a funny title for its blog post: “Keeping our users secure.” Marco Arment, the founder of Instapaper, poked fun at Twitter’s attempt to hedge the hack, tweeting, “Calling this ‘Keeping our users secure’ is like having just your garage burn down and announcing, ‘Preventing fires.’”
Twitter image via Jolie O’Dell/VentureBeat