State-Sponsored Hack of Twitter
Twitter this past Friday announced it had found evidence of a possible state-sponsored hack on its networks. According to Twitter, these “state-sponsored hackers may have tried to obtain sensitive data from their accounts.” According to Twitter however, they insist that nothing was obtained by these intrusions. More importantly was WHO the targets were, according to CNBC report, “Some of the users who tweeted about receiving the notice on Friday were cryptographers, security researchers, activists or journalists.” It’s interesting that those whose job it is to prevent and detect attacks like these are becoming the targets themselves now.
This however isn’t the first hack of Twitter in recent memory. In 2013, Twitter confirmed that “it emailed more than 200,000 users to alert them their Twitter passwords and email addresses may have been stolen.”
“Most communications on Twitter are public. However, the email highlighted that the attackers could have been trying to access account information such as the email addresses, IP addresses, and phone numbers.”
This attack falls on the heels of the recent Office of Personnel Management hack that saw 22 million personal files stolen containing sensitive data such as dates of birth and social security numbers. It’s reported by Reuters that “Google and Facebook have also started issuing warnings to users possibly targeted by state-sponsored attacks.”
Here at Advanced Persistent Security, we foresee not only more of these type of attacks against public interests, but an increase in frequency. Due to this, it is recommended that personal sensitive data is not provided as much as possible to social media sites such as Twitter and Facebook. Middle names, dates of birth, address, including email address and any other information deemed unnecessary be kept off these sites. Social media is quickly becoming the target of attacks and just because your profile is set to private doesn’t mean that you will have privacy from determined hackers.
Here are some of our blog posts to read in the meantime:
Potential Amazon Password Leak
Top 5 Cybersecurity Threats in 2015
Top 5 Cybersecurity Myths that May Surprise You
Microsoft State of Security Address Experian (includes T-Mobile)
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison (follow up)
Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this blog and to our Podcast.
If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.