Twitter says a group of “extremely sophisticated” hackers may have recently accessed limited user information for about 250,000 users accounts, prompting the company to reset the passwords associated with those accounts and remind all of its users to create a stronger password.
The investigation is still going on, but Twitter says the hackers might’ve accessed some users’ personal information:
This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.
If your account was affected, you’ll get an email from Twitter notifying you that your previous password no longer works and you’ll need to set a new one.
Tip: If you get an email like that, make sure it’s coming from Twitter, and not from other hackers that might jump on today’s news as an opportunity to send new phishing attacks. Here’s the email that our Search Engine Land account received:
Twitter says it’s working with government officials to investigate the hacking and says it thinks that other companies have also been similarly attacked.
Note: This story has been corrected to say the accounts may have been accessed, rather than that they were accessed.