Media companies have been alight with hacking attempts and security breaches, including two recent statements from the New York Times and Wall Street Journal stating that they were the target of Chinese hackers. Now Twitter has come forward, stating that it recently noticed unusual access patterns that got its hackles up, resulting in the discovery of unauthorized attempts to access users’ information. As many as 250,000 accounts could be compromised.
While looking into the issue, Twitter found one attack as it was happening and put the kibosh on it. Still, when looking into the issue, the social network has found that information for about 250,000 compromised, including usernames and emails, encrypted/salted versions of passwords, and session tokens. To keep users safe, Twitter took several actions for those accounts.
All passwords and session tokens for the compromised accounts have been reset and revoked, with notification emails going out to those users informing them about what happened and how to create a new password. The social network likewise is encouraging its users to use safe passwords comprised of uppercase and lowercase letters, numbers, and symbols totaling a minimum of ten characters.
Users are being encouraged to disable Java in their browsers, which is notorious for the security threat it poses. Twitter said in the announcement that this was not an isolated attack, and that it was performed by “extremely sophisticated” hackers who knew what they were doing. The social network is cooperating with government and law enforcement agencies to identify who is responsible.