The big news today for Twitter users is that there has been a major hacking attempt that may have seen around a quarter of a million accounts exposed.
This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users. – Twitter Blog
Twitter realised that the hack would take more than 140 characters to explain, so they took to their blog to let us know that we needed to change passwords. I use the word ‘we’ because I was one of those 250 000 people that had their accounts compromised.
I must admit that when I got the email I was a little hesitant to follow the link they supplied to reset my password. Similar emails have been the way phishing scams have worked for years. This one looked real but just in case I tried to access Twitter only to find that I couldn’t log in. I then used the ‘Lost Password’ feature in Twitter to do my reset instead of following the link, just in case.
I’ll admit that I was pretty pleased with the way that Twitter moved swiftly to ensure the safety of their users. As well as dealing with the direct threat, they’ve given some helpful keys to ensuring safety online. Whether you’re using Twitter, Facebook or any other kind of online service, their advice is work checking out.
Though only a very small percentage of our users were potentially affected by this attack, we encourage all users to take this opportunity to ensure that they are following good password hygiene, on Twitter and elsewhere on the Internet. Make sure you use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols – that you are not using for any other accounts or sites. Using the same password for multiple online accounts significantly increases your odds of being compromised. If you are not using good password hygiene, take a moment now to change your Twitter passwords. For more information about making your Twitter and other Internet accounts more secure, read our Help Center documentation or the FTC’s guide on passwords. – Twitter Blog
If you’re looking for a great way to create and manage secure passwords, I’d advise you to check out LastPass. I’ve found using LastPass to be easy, safe and helpful.
The LastPass team believes your online experience can be easier, faster and safer. Collectively we lose more than 10,300 hours per year retrieving lost passwords, making new ones or talking to call center representatives about them. And it gets much worse if a password is stolen and misused. We go online to connect with people, explore, shop and learn. We certainly don’t go online to fuss with passwords or risk our privacy, personal or financial information. Designed by web enthusiasts and skilled application developers, LastPass was created to make the online experience easier and safer for everyone.
By the way, if you’re not already following me on Twitter, you’ll find me here.