The Scarlet Pimp
Supreme Member
- Apr 2, 2008
- 1,296
- 4,273
once more it happens...
If you find that your Twitter password doesn't work the next time you try to login, you won't be alone. The service was busy resetting passwords and revoking cookies on Friday, following an online attack that may have leaked the account data of approximately 250,000 users.
"This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data," Bob Lord, Twitter's director of information security, writes in a blog post.
According to Lord, Twitter was able to shut down the attack within moments of discovering it, but not before the attackers were able to make off with what he calls "limited user information," including usernames, email addresses, session tokens, and the encrypted and salted versions of passwords.
The encryption on such passwords is generally difficult to crack ? but it's not impossible, particularly if the attacker is familiar with the algorithm used to encrypt them.
As a precaution, Lord says Twitter has reset the passwords of all 250,000 affected accounts ? which, he observes, is just "a small percentage" of the more than 140 million Twitter users worldwide.
If yours is one of the accounts involved, you'll need to enter a new password the next time you login. Lord reminds all Twitter users to choose strong passwords ? he recommends 10 or more characters, with a mix of letters, numbers, and symbols ? because simpler passwords are easier to guess using brute-force methods. In addition, he recommends against using the same password on multiple sites.
http://www.prohackingtricks.com/2013/02/hackers-compromises-250000-twitter-accounts.html
If you find that your Twitter password doesn't work the next time you try to login, you won't be alone. The service was busy resetting passwords and revoking cookies on Friday, following an online attack that may have leaked the account data of approximately 250,000 users.
"This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data," Bob Lord, Twitter's director of information security, writes in a blog post.
According to Lord, Twitter was able to shut down the attack within moments of discovering it, but not before the attackers were able to make off with what he calls "limited user information," including usernames, email addresses, session tokens, and the encrypted and salted versions of passwords.
The encryption on such passwords is generally difficult to crack ? but it's not impossible, particularly if the attacker is familiar with the algorithm used to encrypt them.
As a precaution, Lord says Twitter has reset the passwords of all 250,000 affected accounts ? which, he observes, is just "a small percentage" of the more than 140 million Twitter users worldwide.
If yours is one of the accounts involved, you'll need to enter a new password the next time you login. Lord reminds all Twitter users to choose strong passwords ? he recommends 10 or more characters, with a mix of letters, numbers, and symbols ? because simpler passwords are easier to guess using brute-force methods. In addition, he recommends against using the same password on multiple sites.
http://www.prohackingtricks.com/2013/02/hackers-compromises-250000-twitter-accounts.html
