|
Twitter is investigating an apparent data breach that resulted inmore than 50,000 user names and passwords being posted to theInternet. The data was posted across five pages ( one , two , three , four , five ) on Pastebin, a favorite site for hackers to post their ill-gottengains. Ordinarily, when large files are involved, data thieves"tease" their exploits at the site and include a link to a site,like BitTorrent, that supports large file downloads. The maximumfile size for Pastebin is 512KB. Twitter is downplaying the leak because much of the informationposted to Pastebin appears to be garbage. There are some 20,000 duplicates , many of the accounts belong to suspended spammers, and some of itconsists of "unlinked" information, information where the user namedoesn't correspond to the password paired with it. [ Learn how to secure your systems with Roger Grimes' Security Adviser blog and Security Central newsletter , both from InfoWorld. ] In addition, there's evidence that some of the accounts are dudscreated by robot programs. An analysis of a random selection of 20 accounts performed by Hacker Newsrevealed that none had more than six followers, all that weren'tsuspended were following thousands of people, all had similarpasswords that looked auto-generated, and many had unansweredmessages asking them to confirm their email addresses. Another hacker, Adrian Lamo -- infamous for informing on BradleyManning, the G.I. who leaked thousands of sensitive U.S. governmentdocuments about military abuses in Iraq to WikiLeaks -- rapped thequality of the leak. "These files dated back to circa early to mid2011, demonstrating that if a compromise had taken place, it wasnot recent, and quite possibly/probably not one involving Twitter,"he wrote on his Facebook page. "They contain no email addresses belonging to sensitive domains,they do not include Twitter staff, notably they don't include me,quite possibly the most hated ex-hacker alive in the eyes of thehacker community, and they in fact seem quite random," he observed. "I've seen lists like these before," he continued, "and, withoutexception, fragments of this list are what I'd expect from acollection of phished passwords sewn together into a larger list,freshened up a bit to obscure their antiquity, and presented assomething new and newsworthy." According to a Twitter spokesperson, the company is pushingpassword resets to affected accounts. Meanwhile, the microbloggingservice is searching for answers about who leaked the accountinformation and why they did it. It is ironic that so many of the accounts apparently belong tospammers, since last month Twitter trumpeted its efforts to combat spam on the service byfiling a lawsuit against five of the most aggressive spammers andspam tool makers targeting the microblogging site. How the account information was obtained by the data thief is alsoimportant to Twitter, because it is operating under an agreementwith the U.S. Federal Trade Commission to protect its members'privacy. That agreement was finalized last year and stemmed from two hacking attacks on the service in2009 where some high-profile Twitter members, including PresidentBarack Obama, lost control of their accounts. Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter. We are high quality suppliers, our products such as Wire Tube Condenser , China Evaporator Tube for oversee buyer. To know more, please visits Bundy Pipe.
Related Articles -
Wire Tube Condenser, China Evaporator Tube,
|
