Modernizing Authentication — What It Takes to Transform Secure Access
Techworm reports that a hacker calling himself Mauritania Attacker, the leader of AnonGhost, has published 15,167 Twitter account details on Zippyshare, including Twitter IDs, user names, OAuth tokens and OAuth secret codes (h/t ESET).
While no passwords were leaked, the OAuth tokens could be sufficient for access -- according to Techworm, alongside the data, Mauritania Attacker posted instructions on how to use the tokens to log into Twitter accounts.
According to GigaOm, the fact that OAuth tokens were leaked rather than passwords means it's likely the hacker accessed a third-party service that connects to Twitter, not Twitter itself.
And according to Mashable, a source claims the issue involved a third-party app which has already been suspended by Twitter. A Twitter spokesperson told Mashable, "We have investigated the situation and can confirm that no Twitter accounts were compromised."