The accounts of around 250,000 Twitter users were breached this week in what the San Francisco-based social networking site is describing as a “sophisticated” attack.
The company detected unusual access patterns this week that led to the identification of unauthorized access attempts on Twitter user data, according to a blog post today by Bob Lord, director of information security.
The company believes the hackers had access to limited user information including usernames, email addresses, session tokens and encrypted versions of passwords.
The passwords of affected users have been automatically reset, and all users are being urged to make sure they are using a strong password that is not shared with any other accounts, Lord said.
The attack follows a recent increase in large-scale security attacks aimed at U.S. technology and media companies, and an advisory from the U.S. Department of Homeland Security urging computer users to disable Java on their computers.
“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” Lord said. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”
Lord said the company is working with government and federal law enforcement to find and prosecute the attackers.