Twitter is sending out emails to 250,000 users it says may have had their accounts compromised in the last week as the site experienced “unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data.” Twitter tells TechCrunch that this is “not related” to the widespread, but intermittent, outage the site saw yesterday.
The text of the email is below. In its blog post on the hacking, Twitter recommends that all users make sure they have a secure enough password on their account. In truth, there still seem to be some big unanswered questions. Twitter notes that “attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords”, which can also be interpreted as “may not have had access”, or may not have had access to all of those different elements. The reader who sent in the letter below tells us that he had not seen any unusual activity on the account recently — so any password or other kinds of compromises had not yet translated into actions, for him at least.
One coincidence that appears to be emerging is that many of the people who have been affected were among some of the earliest adopters of Twitter. Our reader signed up in 2007, and we have heard similar reports from others receiving the email.
Twitter says that it believes that other websites may have been compromised.
“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” Bob Lord, director of information security at Twitter, notes in the blog post. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”
Twitter would not comment on whether it had any information on which other companies may have had related attacks. By coincidence, Amazon also had an outage yesterday, although TechCrunch understands that Amazon has determined that outside groups were not involved. Twitter does, however, refer to the security breaches at both the New York Times and the Wall Street Journal, as well as the recent security issues with Java in browsers, as examples of how hacking is everywhere (and to possibly deflect a little attention from what has just happened on its site).
Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.
You’ll need to create a new password for your Twitter account. You can select a new password at this link:
As always, you can also request a new password from our password-resend page: https://twitter.com/account/resend_password
Please don’t reuse your old password and be sure to choose a strong password (such as one with a combination of letters, numbers, and symbols).
In general, be sure to:
- Always check that your browser’s address bar is on a https://twitter.com website before entering your password. Phishing sites often look just like Twitter, so check the URL before entering your login information!
- Avoid using websites or services that promise to get you lots of followers. These sites have been known to send spam updates and damage user accounts.
- Review your approved connections on your Applications page at https://twitter.com/settings/applications. If you see any applications that you don’t recognize, click the Revoke Access button.
For more information, visit our help page for hacked or compromised accounts.