In a blog post today, Twitter announced it had been subjected to unauthorized access attempts over the course of the week. Attackers were trying to secure Twitter users data, some of which may have been compromised. “Our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens, and encrypted/salted versions of passwords – for approximately 250,000 users.”
Twitter says it has reset passwords and revoked session tokens for the affected accounts. If you were one of these unfortunate users, you either received or will receive an email from Twitter explaining the situation and telling you to create a new password.
The breach comes in the same week that the New York Times and the Wall Street Journal both disclosed their own security shortcomings. Both outlets allege that the Chinese government is involved to some extent with their respective attacks. Corporate employees and reporters had their passwords stolen, and those behind the infiltration were possibly accessing investigative reports.
“This attack was not the work of amateurs and we do not believe it was an isolated incident,” Twitter says. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”
Whether or not the security issues all three companies experienced are related, be sure to check your email and see if Twitter has changed your password. And if your current password isn’t terribly secure, you should take the initiative to fix it yourself.