Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Twitter hacked – 250,000 user account details stolen

Twitter has admitted that up to 250,000 user account security details, including email address, usernames and passwords were stolen by sophisticated hackers this week.

Having detected suspicious activity and repeated unauthorised access attempts, Twitter discovered one live attack which it promptly shut down. However the attack was not stopped before user information was stolen, including encrypted versions of user passwords.

Bob Lord, Director of Information Security for Twitter, admitted the security breach in blog post today. He explained “our investigation has thus far indicated that the attackers may have had access to limited user information … for approximately 250,000 users.” as well as expressing that the attack was “extremely sophisticated” and conducted by a professional hacker, or group of hackers.

Twitter has reset passwords for the compromised accounts and sent emails to all those thought to be affected. Bob Lord also suggests that all Twitter users ensure they use strong passwords for their account and not to use the same password for more than one account.  “Make sure you use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols – that you are not using for any other accounts or sites.” he advises.

The admission follows a scare that up to 55,000 user account details were stolen in 2012, although Twitter confirmed that it had not been compromised on that occasion. To date successful attempts to steal Twitter user data was restricted to phishing scams where users would divulge usernames and passwords on spoof Twitter sites. This is the first occasion that Twitter has admitted that personal data has been directly hacked.

Suspicion for the weakness that led to the theft appears to point to towards users having Java enabled on their browsers. Apple and Mozilla both recently disabled Java by default on their browsers, Safari and Firefox respectively. The finger pointing also follows advice from the U.S. Department of Homeland Security experts encouraging users to disable Java from browsers. Java is used in billions of devices worldwide, from personal computers to mobile phones and TVs.

With over 500 million existing accounts and 400 million tweets being sent a day, Twitter is one of the biggest and most active social networks in the world. The 250,000 Twitter users compromised in the hack account for less than 0.05% of all Twitter users.

If you would like to disable Java from your browsers the instructions for all browsers can be found on the website here.

Have you been affected by the Twitter hack? Have you had your account details phished in the past? Let us know via the Trusted Reviews Twitter (ironic we know) and Facebook feeds or through the comment boxes below.

Source: Twitter

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.