Yesterday the firm announced it had “detected unusual access patterns that led them that led to us identifying unauthorized access attempts to its user data’ and it also discovered one live attack which was shut.
250,000 Users Affected
According to Twitter, “The attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.”
Twitter reset passwords and revoked session tokens the attacked accounts and says users will be notified to reset their passwords.
According to Bob Lord @boblord, Director of Information Security at Twitter, “Though only a very small percentage of our users were potentially affected by this attack, we encourage all users to take this opportunity to ensure that they are following good password hygiene, on Twitter and elsewhere on the Internet.”
Lord added that users should create strong passwords with over 10 characters with a mixture of upper and lowercase letters, numbers, and symbols which they don’t use on any other accounts or sites.
“Using the same password for multiple online accounts significantly increases your odds of being compromised. If you are not using good password hygiene, take a moment now to change your Twitter passwords,” Lord added.