An anonymous group of hackers hit Twitter today and accessed an estimated 250,000 accounts. "This attack was not the work of amateurs, and we do not believe it was an isolated incident," said Twitter's director of information security Bob Lord.
Per Twitter:
This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information - usernames, email addresses, session tokens and encrypted/salted versions of passwords - for approximately 250,000 users.As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from us at the address associated with your Twitter account notifying you that you will need to create a new password. Your old password will not work when you try to log in to Twitter.
The attack came just days after the New York Times and the Wall Street Journal were the target of cyberattacks. And, as Boing Boing reminds us, now might be a good time reset your password and disable Java in your browser. "Looks like a well-known Java vulnerability is one common link."