Twitter Resets Too Many Passwords Following Breach
Several users whose accounts hadn't been compromised recently found that their passwords had been reset.
In a recent status update, Twitter acknowledged that while it routinely resets passwords and sends e-mail alerts to users when it believes their accounts have been hacked, it recently reset the passwords "of a larger number of accounts, beyond those that we believed to have been compromised."
"Twitter wouldn't elaborate on how many that 'larger number' was," writes The Register's Anna Leach. "In the email sent out with the password resets, the cause of alarm was pinned down to a security breach in a third-party website that accesses Twitter feeds."
"Among the shuttered was TechCrunch," notes Sophos' Lisa Vaas. "Unintentional closures aside, theirs was only one of many stories relating to an authentic hack behind Twitter's reset snafu. As Natasha Lomas describes it, TechCrunch's account was hijacked by somebody who posted a work-from-home scam on its feed."
"Attempts to hack Twitter accounts are common, and are most frequently carried out by spammers, scammers and hackers to spread links to their malicious campaigns," writes Computer Weekly's Warwick Ashford.
"The apparent problems with this process are a setback for Twitter, which has steadily built up a reputation for technical competence over the last two years, after initially struggling to cope with its rapid growth and suffering embarrassing outages," writes The Telegraph's Christopher Williams.