Concerned that hacking is on the rise? You've every right to be worried. Following recent reports from The Wall Street Journal and The New York Times surrounding intrusion from outside forces into their news systems and e-mail databases, Twitter
has now affirmed a security puncture of its own. The company released a blog post noting that it "detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data." In that discovery process, Twitter found one live attack and neutralized it, but some damage was already done. The investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.
As a precautionary security measure, the company reset passwords and revoked session tokens for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from us at the address associated with your Twitter account notifying you that you will need to create a new password. Be warned, however, that these same hackers may try to send fake e-mails that look like this legitimate one in order to phish for account information.
Even more frightening is that Twitter doesn't think this is an isolated attack, and notes that whoever is behind this clearly has the skills to get the information they crave. Even if your account isn't compromised, you might want to change and strengthen your password just to be safe.