
Twitter hack handled well by social site, says expert

Industry experts have suggested the recent Twitter hack was handled well by the social media giant despite the private details of some 250,000 users being stolen.

Speaking days after the high-profile Twitter hack, which saw the Facebook rival reset passwords on 250,000 users’ accounts after user emails and encrypted passwords were stolen, David Emm, Senior Security Researcher at internet security specialist Kaspersky Lab, has suggested the company handled the situation well and that the issues run deeper than Twitter’s own security measures.

With Twitter confirming that it is set to introduce “two-factor authentication” to accounts, ensuring hackers could not gain access even if passwords were acquired, Emm has suggested that Twitter, unlike some companies, has responded well to its potentially troubling attacks.

Despite suggesting that “it is not possible to say [what mistakes were made] without knowing the cause of the compromise,” the Kaspersky spokesperson stated: “It’s good to see Twitter being open about the attack and taking proactive steps to try and minimise the risk to its customers by resetting passwords and revoking session tokens.”

He added: “It’s also good to see that passwords were not being stored in plaintext.”

Claiming that Twitter is at risk of becoming a poster child of more widespread and threatening hacking efforts, Emm stated: “It’s very clear that targeted attacks are increasing and all organisations, of whatever size, need to take the threat seriously.

“Names such as Twitter may generate headlines, but the problem affects all organisations – no business should imagine that they are immune or that they don’t have data that might be valuable to potential attackers.”

Although users are left largely powerless when handing their personal details over to companies and services such as Twitter, Emm has said that consumers can take measures to protect their more widespread online actions from the knock-on effects of hacking efforts.

“As individuals, there’s nothing we can do to prevent the systems of an online provider from being compromised,” Emm said. “However, we can reduce the knock-on effect of such a breach, by making sure that we use sensible passwords for all online accounts. By doing this, we ensure that a password stolen from a compromised site – especially if it’s accompanied by other personal details – can’t be used to access our other online accounts.”

Detailing the seemingly common-sense measures users can take, he added: “Sensible, in this context, means a unique password for every account, mixing letters, numbers and symbols and making it long enough that someone can’t easily guess it. If you can’t remember so many complex passwords, you can use password manager software, create an easy-to-remember method for creating them all, or you can write them down. The final option is not advisable at work, but ok at home as long as you keep the piece of paper you write them on secret.”

Were you affected by the recent Twitter hack or has the social service’s attack knocked your confidence in the Facebook competitor? Let us know via the TrustedReviews’ own Twitter and Facebook feeds or through the comment boxes below.
