This seems like a big month, both positive and negative, for Twitter. The company recently launched a new video-looping application named Vine while, at the same time, being ordered by a French court to release the identities of an anti-Semitic group. Now it has been reported that on Friday afternoon Twitter was hacked, jeopardizing the accounts of a quarter million users.
So How Did This Attack On Twitter Go Down?
In the weeks leading up to the discovery of the attack, Twitter had detected a breach in its networks, and the investigation of that breach led to the discovery of a much larger one. According to Twitter’s Director of Information Security, Bob Lord, ‘This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later.’
This is hardly encouraging, as he goes on to say, ‘our investigation has thus far indicated that the attackers may have had access to limited user information.’ In response to this attack, Twitter reset the passwords and revoked the session tokens, which had allowed users to stay logged in without entering a password.
What Is Known About This Attack?
The attack is thought to have exploited a recent Java vulnerability, and even the Department of Homeland Security encouraged computer users to disable Java unless it was absolutely necessary. Until Oracle addresses these problems in Java, even more accounts might be at risk from hacks such as the kind used against Twitter and other organizations.
Connections Between Other Related Attacks
Just recently, the New York Times and Wall Street Journal had their networks breached in an attack that was attributed to Chinese hackers. Bloomberg News has said it was targeted, but no computers in its networks were ever hacked. As of now, Twitter has not placed the blame on any one group or person.
What Twitter does know is, as Bob Lord put it, ‘This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.’
The quarter million accounts that were hacked are just a fraction of the 200 million accounts on the Twitter service. To decrease your vulnerability, use strong passwords with a mixture of upper and lowercase letters, as well as numbers; this will greatly reduce the chance of having your account compromised by other users. In addition, until the vulnerabilities in Java are addressed, it is a good idea to disable Java.