Hot topics

news

Comment

Twitter Responds To Phishing Attack

Robin Wauters

View Staff Page

Robin Wauters is the European Editor of tech blog The Next Web and lead editor of Virtualization.com. He was a senior staff writer at TechCrunch until his departure in February 2012. Aside from his professional blogging activities, he’s an entrepreneur, event organizer, occasional board adviser and angel investor but most importantly an all-round startup champion. Wauters lives and works in... → Learn More

Tuesday, February 2nd, 2010
Comments

This morning, Twitter started locking out a subset of users of their accounts, sending them e-mails asking them to change their passwords in order to regain access to the service. The e-mail said those measures were taken due to concerns that their accounts may have been compromised in a phishing attack, and hinted at a third-party service being at fault.

We asked Twitter for more information about the attack, and this is the response that they just gave us:

As part of Twitter’s ongoing security efforts, we reset passwords for a small number of accounts that we believe may have been compromised offsite. In one case, a number of accounts posted updates indicative of giving their username and password to untrusted third parties. While we’re still investigating and ensuring that the appropriate parties are notified, we do believe that the steps we’ve taken should ensure user safety.

Asked how many users were affected, Twitter declined to share details but said the number is ‘very small’. Twitter also said its response is for issues seen from last Wednesday on.

Update: asked if Nutshellmail has something to do with this, which has been suggested on other blogs, Twitter says it has not. The company instead referred to multiple “get followers fast” schemes causing trouble for some users.

Twitter promises to continue to provide updates and encourages users to read the help pages on what to do if their account is compromised.

Note that Twitter has yet to communicate the whole ordeal on its company blog and/or status website, although the account @safety acknowledges the attack and refers to its security measures as a ‘precautionary step’.

We’ll keep you posted as we try and obtain more information about these attacks.

Crunchbase

Company: Twitter
Website: twitter.com
Launch Date: March 21, 2006
Funding: $1.16B

Created in 2006, Twitter is a global real-time communications platform with 400 million monthly visitors to twitter.com, more than 200 million monthly active users around the world. We see a billion tweets every 2.5 days on every conceivable topic. World leaders, major athletes, star performers, news organizations and entertainment outlets are among the millions of active Twitter accounts through which users can truly get the pulse of the planet.

→ Learn more

Tags:
blog comments powered by Disqus