Twitter's network gets breached again
For the second time this year, someone has broken into Twitter's internal admin system and accessed accounts.
Twitter has confirmed that someone broke into its network and gained access to 10 accounts, which appear to include Britney Spears and Ashton Kutcher, according to screenshots posted on a French blog site.
"Our initial security reviews and investigations indicate that no account information was altered or removed in any way," Twitter co-founder Biz Stone wrote in a blog post Thursday afternoon.
"Personal information that may have been viewed on these 10 individual accounts includes email address,number (if one was associated with the account), and the list of accounts blocked by that user," the posting said. "Password information was not revealed or altered, nor were personal messages (direct messages) viewed."
Stone did not respond to an e-mail seeking comment.
Someone using the alias "Hacker Croll" claims to have gotten access to a Twitter administrator's Twitter password by guessing the secret question to reset the administrator's password on a Yahoo e-mail account where the Twitter password was located, according to a post in the Warez Scene forum.
The 13 screenshots posted on the Korben blog and another site include not only what looks like admin pages for the celebrities' accounts, but also a page of blacklisted users and other administrative-type pages.
This isn't the first time Twitter's network has been breached. Wired later revealed that the hacker used an automated password guesser to figure out the Twitter administrator's password, which was "happiness.", someone hacked into the Twitter internal network and gained access to the Twitter accounts of President Obama, CNN anchor Rick Sanchez, and 31 other high-profile Twitterers.
The popular microblogging site has had more than its share of security challenges lately. It had to clean up after a series of worms spread quickly and modified user profiles, as well as fight off an attack that hijacked accounts , and battle "clickjacking" attacks .