Following what appears to be a successful breach of a Twitter database containing user data, Twitter has reset the passwords and revoked session tokens of about 250,000 users in the latest attack against the social network.
It has been a while since the social network Twitter has been under the gun of a hacking incident. Unfortunately, a social network as large as Twitter and home to over 140 million users who share upwards of 340 million tweets a day, are ticking time bombs waiting for the next group of skillful hackers to compromise their 'protected' data.
The latest hacking was confirmed by Twitter on Friday as it is thought to have been a group of extremely sophisticated attackers who perhaps targeted other companies and organizations in similar attacks. Bob Lord, Twitter Director of Information Security, alleges the New York Times and Wall Street Journal where perhaps the work of these skillful hackers. Lord also added, "For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."
We have noted several other Twitter attacks, some dating back to several years ago, when Twitter's security was not up to par according to various security experts. Today, Twitter has taken steps to encrypt data with random digit algorithms to keep their passwords and other pertinent user data out of the hands of hackers.
The recent hacker attack on Twitter last week has been said to be the work of hackers who knew exactly what type of road blocks they were going to encounter. They knew that Twitter still utilized the bcrypt algorithm to hash passwords. Being one of the most difficult algorithm's to crack, the sophisticated hackers did not let it stop them from at least attempting to pilfer user data including Twitter user passwords. So far, Twitter is hoping that all will the able to change their passwords before their account is compromised for the accounts that were affected by the security breach.
Twitter is advising affected users through email of the breach and asking them to reset their passwords as a preventative measure. They are calling the users to practice 'good password hygiene', a rather literal descriptive language for the matter. Long is also advising users to disable Java in their browsers, which we suspect could be due to the recent rash of Java infrastructure vulnerabilities discovered over the course of the past month.
At any rate, Twitter users should always practice 'good password hygiene' as Twitter describes it. We cannot stress enough how important it is to always utilize a strong password and change it often. It may not prevent hackers from attacking large social networks like Twitter, but it would have put you in a better position to ward off potential hacks against your own account.