A wave of cyber attacks against high-profile media sites has culminated (for now) with a hacking attack on Twitter that may have compromised a quarter of a million user accounts.
On February 1, Twitter reported in a blog post that it had detected non-typical activity pointing toward a possible attack. In the wake of these pattern indicators, one attack was detected and blocked in real time.
Affected users got an email warning them that their accounts might have been compromised "by a website or service not associated with Twitter." The email went on to advise users that their passwords had been reset. The emails also cautioned about risks from websites that claim to help users gain more Twitter followers. Such sites may generate spam and "damage user accounts."
While the emails went out to potentially compromised users, Twitter's security chief, Bob Lord, announced the attack in a blog post, as reported by Kim Zetter at Wired. Lord stated that the attack did not appear to be the work of amateurs, adding that "we do not believe it was an isolated incident."
In fact, news of the Twitter breach follows word of several attacks on major media organizations. The New York Times acknowledged that all of its employees' usernames and passwords were stolen. Attacks on the Washington Post and Wall Street Journal have also been reported.
The hacking attack on the Times has been linked to reporting about the Chinese government. It is not yet clear whether the attacks against the other newspapers, or Twitter, are related. However, Twitter has been gaining prominence as a media vehicle. Reporters, prominent bloggers, and others involved in the media increasingly use Twitter to comment on and follow fast-moving news events.
On the other hand, the 250,000 Twitter users whose accounts were compromised are clearly a much larger group. Whatever the identity or motive of the attackers, the incident once again demonstrates a basic lesson: Don't rely on vendors to protect your security.