HACKERS HAVE INFILTRATED the Twitter social network, gaining access to the sensitive data of around a quarter of a million of its users.
"This week, we detected unusual access patterns that led to us identifying unauthorised access attempts to Twitter user data," explained Bob Lord, director of Information Security at Twitter.
"Our investigation has thus far indicated that the attackers may have had access to limited user information - usernames, email addresses, session tokens and encrypted/salted versions of passwords - for approximately 250,000 users."
Twitter has reset the log-in details for anyone whose account was compromised, and has been sending out emails notifying these users that they will need to change their passwords to access their accounts. If you're one of these users, please let us know in the comments section below.
Lord used the situation to remind users of the need for good security practices in general.
"Make sure you use a strong password - at least 10 (but more is better) characters and a mixture of upper and lowercase letters, numbers, and symbols - that you are not using for any other accounts or sites," he suggested.
"Using the same password for multiple online accounts significantly increases your odds of being compromised."
He also encouraged users to disable Java in their web browsers, though whether this was the cause of the breach is unclear. Lord noted that both Apple and Mozilla have turned off Java by default in their browsers.
Lord added that the attack was carried out by an "extremely sophisticated" hacker or hackers, and implied that it was part of the same team that recently attacked large US media outlets.
The New York Times revealed on Wednesday that it had been under attack from Chinese hackers, while on Thursday the Wall Street Journal said its systems had also been breached by Chinese hackers, allegedly to monitor coverage.
One point to note is that Twitter started its "Keeping our users secure" post with an overview of other recent high profile attacks, rather than diving straight into the details of the attack on its systems, as if to downplay the breach of its own website. µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted