Twitter recently announced that the micro blogging website has fallen victim to an attack, permitting hackers with access to information of approximately 250,000 users. The breach was identified just yesterday and the company has taken measures to ensure that account holders are secure.
The attack came to light after unusual access patterns were detected. The company states that they managed to shut down the live hack soon. However, further investigation revealed that limited user information including usernames, email addresses, session tokens and passwords that are encrypted as well as salted, were compromised. Login codes for these accounts have been reset and tokens revoked.
Bob Lord, the Director of Information Security at Twitter, states through a blog post that users should maintain good password hygiene to ensure that their accounts stay secure not only on the SNS, but also other web services. An ideal password, according to the article, would be at least 10 characters long, having a mixture of symbols, numerals and upper- as well as lower-case letters. Also, implementing the same key code for multiple websites increases the chances of getting hacked. The company even advises users to disable Java on their browsers due to security concerns.
Twitter is apparently not the only target. A chain of attacks have been reported over the weeks in the US. The New York Times and Wall Street Journal, both have had their systems breached and various others have taken up defensive measures to prevent attacks. For instance, Apple and Mozilla have apparently disabled Java by default in their Safari and Firefox browsers, respectively. The hackers are also said to be targeting various technology and media companies in the US.
Not too long ago, the SNS inadvertently flipped the switch, resetting passwords of various users. The accident took place during a routine check where the company intentionally resets the key codes of accounts that are deemed compromised. A formal apology was issued along with an email to help members reconfigure a secure login combination.
Those affected by Twitter being hacked will receive an email from the company if they haven’t already, on the ID associated with their profile. The mail will advise users to create a new password, without which they won’t be able to log into their accounts.