Slashdot Mirror

← Back to Stories (view on slashdot.org)

55,000 Twitter Accounts Hacked, Passwords Leaked

Posted by samzenpus on from the protect-ya-neck dept.

MojoKid writes "Tens of thousands of Twitter accounts have been compromised in a recent hack attack in which more than 55,000 passwords were leaked and posted to Pastebin by anonymous hackers. Most of the accounts supposedly belonged to spammers, and there were many duplicate entries, Twitter officials pointed out. However, to play it safe, you should probably change your Twitter password ASAP."

4 of 66 comments (clear)

  1. Update: No recent hack, just repackaged old data by Kelson · · Score: 5, Informative

    From CNet's article:

    After Lamo and others found that at least some of the alleged account data had been posted on the Web last year and speculated that the list appeared to be compiled from various sources, including spam accounts, Twitter provided CNET this statement when asked for comment: "We've looked into this and can confirm that Twitter was not compromised. For extra precaution, yesterday, we pushed out password resets to accounts that may have been affected."

  2. As pointed out in several other places... by spec8472 · · Score: 5, Informative

    There is no evidence Twitter themselves were "hacked".
    This is likely the password file from a spambot c&c network.

    All* the twitter accounts shown follow the same naming and password rules. This is not typical of how a random selection of users would set up their account.
    In addition all/most of these accounts are or were suspended (typically this is for spam).

    * I may have missed one, but given several others point out the same...

    Ref: Reddit: 55.000+ Twitter usernames and passwords leaked

  3. looks like pretty low-value accounts by Trepidity · · Score: 4, Informative

    A huge number of the account names and passwords look clearly auto-generated. I would guess it's not a "real" leak of actual users' data, but a compromise of some spammer's twitter-bot farm.

    I mean, this is not what a leak of regular Twitter-user u/p would look like:

    Idellcfipt:E7QkDx28
    Yiqafky:A417tSFv
    Mi_deq:15j6onel

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    1. Re:looks like pretty low-value accounts by NoEvidenZ · · Score: 5, Informative
      That's absolutely what I thought.

      The list starts off strong with roughly 5000 script generated accounts. The usernames and passwords are just too obviously random to be real.

      It looks like it then goes on to some phished accounts.

      Also looks like a large amount are duplicates.