Twitter has warned dozens of users that their account data may have been targeted by state-sponsored hackers.
In e-mails sent to security researchers, journalists, and activists over the past few days, Twitter officials said there’s no evidence the attacks were successful. Still, the messages said Twitter officials are actively investigating the possibility that the accounts were breached. Dozens of users have reported receiving the advisory, with this list showing 36 people and this one listing 32 users.
“As a precaution, we are alerting you that your Twitter account is one of a small group of accounts that may have been targeted by state-sponsored actors,” one e-mail warned. “We believe that these actors (possibly associated with a government) may have been trying to obtain information such as e-mail addresses, IP addresses and/or phone numbers.”
While many people tie their Twitter account to common names and recognized e-mail addresses, others attempt to use the service anonymously. The advisory went on to suggest that people in the latter category use services such as Tor. Critics have long bristled at Twitter’s previous requirements that people who access Twitter from Tor provide their phone numbers to verify their accounts. In at least some of the cases, the data Twitter said is being targeted is a requirement imposed on people attempting to use the site anonymously.
Twitter has become at least the third large service to warn users of state-sponsored attacks. Google unveiled its notification service in 2012. Facebook, meanwhile,announced a similar service in October. None of the warnings provide details about which government is suspected of backing a suspected hacking campaign. The potential list of countries is long and includes the US, the UK, China, Israel, Iran, Russia, and North Korea, to name just a few.
SOURCE: Dan Goodin | Ars Technica