Twitter hacked, data of 250,000 users exposed.!!!!!!!!!!

Hrishi

******************
Bad news for twitter users.
SAN FRANCISCO: Twitter said Friday that hackers, in the latest online attack, may have gained access to information on a quarter of a million of its more than 200 million active users.

The social media giant said in a blog posting that earlier this week it detected attempts to gain access to its user data. It shut down one attack moments after it was detected.

But it discovered that the attackers may have gained access to usernames, email addresses and encrypted passwords belonging to 250,000 users. Twitter has reset the pilfered passwords and sent emails advising users that they'll have to create a new one.

"This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," the blog said. "For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."

The hack is the latest high-profile cyber-attack on US media and technology companies recently. The New York Times and The Wall Street Journal reported this week that their computer systems had been infiltrated by China-based hackers.

One expert said that the Twitter hack probably happened after an employee's home or work computer was compromised through a vulnerability in Java, a commonly-used computing language whose weaknesses have been well publicized.

Ashkan Soltani, an independent privacy and security researcher, said such a move would give attackers "a toehold" in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.

In a telephone interview Friday, Soltani said that the relatively limited number of users affected suggested either that attackers weren't on the network long or that they were only able to compromise a subset of the company's servers.

Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.

That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.

"More realistically, someone could use that as an entry point into another service," Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist's emails.

Source : TOI.
TOI.

I hope , FB isn't next target.
 

Gaurav265

A PC GAMER
Iwant to learn hacking.if a user know how the hacking is done then no one can hack his account.but nothing in this world is impossible...
 
OP
Hrishi

Hrishi

******************
Iwant to learn hacking.if a user know how the hacking is done then no one can hack his account.but nothing in this world is impossible...
This happened not because of those 2.5L users didn't knew hack**ng. Instead it was a result of some brained hackers who exploited a security bug in Java on the Twitter's employee PC.
But knowing the basics , can save you from some trouble from Script kiddies and similiar category cyber criminals.
 

Gaurav265

A PC GAMER
This happened not because of those 2.5L users didn't knew hack**ng. Instead it was a result of some brained hackers who exploited a security bug in Java on the Twitter's employee PC.
But knowing the basics , can save you from some trouble from Script kiddies and similiar category cyber criminals.
thats what i want to say.anyway my account is secure i know the basics.
 

Ronnie11

Judgement Time!!
i was wondering...what is this java bug which everyone is talking about...mozilla has even disabled java in their latest update...how come java is not fixing it?
 

adi007

Youngling
^^ Blame oracle for that ,, Whatever it acquires : it acquires just to distroy those ,, Ex: Open office, MySQL
 

mastervk

In the zone
thats what i want to say.anyway my account is secure i know the basics.
most of these mass attacks are result of attacking the company db itself..so even if your are world best hacker you can not protect your twitter account..
Best practice is to have separate password for different sites..or at least separate one for bank account and any other important sites..

i got mail from twitter that they have reset the password and i will have to change the password ..if i have used same password for gmail/bank/amazon that those account can be hacked too..as i keep my password separate for different sites hacking of password from one site does not affect different sites..

i was wondering...what is this java bug which everyone is talking about...mozilla has even disabled java in their latest update...how come java is not fixing it?
many people generally dont update their java/jre version..even many corporation does not update jre version regularly...
 

Anorion

Sith Lord
Staff member
Admin
yep you can protect the account
make sure it does not share the same password with any other of your accounts
change the password every time you hear of an attack

twitter is notorious for security holes, at one time their api used to store passwords in plaintext
 
Top Bottom