Twitter has just confirmed that it has been compromised, along with 250,000 user accounts. The company also admitted that the attackers might have had access to at least some personal data, specifically usernames, email addresses, session tokens and encrypted/salted versions of passwords.
Twitter has already alerted the affected users via email and reset their passwords as a precautionary measure.
Bob Lord, director of information security at Twitter, wrote in a blog post:
“This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”
He also noted that the latest version of Java has security vulnerabilities. This could be true, given the fact that both Apple and Mozilla have turned off Java by default in their respective Safari and Firefox browsers.
Who is to blame now? Certainly it’s the hackers, but should Java join the suspects?