Twitter has confirmed that approximately 250,000 users are affected in the recent hack but denied that the hack is related to the outage yesterday. As security measure, Twitter did reset all affected passwords and revoked all session tokens from affected accounts. The affected users will receive email from Twitter to notify them to create new passwords, so check your email.
According to the official statement, Twitter observed “unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data”. Based on user reports, this recent hack seems to affect mainly users who signed up in 2007. Twitter also described the attack as being “sophisticated”.“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.” – that’s how Twitter’s director of Information Security (Bob Lord) talked about the incident in a blog post.
Coincidentally, Amazon too had an outage yesterday but it confirmed that outside groups were not involved. US technology firms and media companies seem to be targets of massive security attacks in the last two week. This includes New York Times and Wall Street Journal who report breaches to their systems, while Java was turned off by default in Mozilla and Safari browsers. Twitter has hinted that this was the vector of the attacks.