Following a string of revelations this week from several media companies who announced they had been recently hacked, Twitter announced on Friday that it had also been the target of a sophisticated attack.
The company wrote in a blog post ironically titled “Keeping our users secure” that it detected unusual patterns this week that led it to identify attempts to access user data.
“We discovered one live attack and were able to shut it down in process moments later,” wrote Bob Lord, Twitter’s director of information security. “However, our investigation has thus far indicated that the attackers may have had access to limited user information — usernames, email addresses, session tokens and encrypted/salted versions of passwords — for approximately 250,000 users.”
As a result, the company said it had reset passwords and revoked session tokens for the accounts suspected of being affected. The company also sent an e-mail to affected users informing them that their old password was no longer valid and that they would need to create a new one.
