Social media giant Twitter acknowledged that it has become the latest victim in a number of cyber-attacks against media companies, saying hackers may have gained access to information on 250,000 of its more than 200 million active users.
The company said in a blog post on Friday
that it detected attempts to gain access to its user data earlier in the week. It shut down one attack moments after it was detected.
But Twitter discovered that the attackers may have stolen user names, email addresses and encrypted passwords belonging to 250,000 users they describe as "a very small percentage of our users". Nonetheless, the company reset the pilfered passwords and sent emails advising the affected users.
The online attack comes on the heels of recent hacks into the computer systems of US media and technology companies, including The New York Times and The Wall Street Journal. Both American newspapers reported this week that their computer systems had been infiltrated by China-based hackers, likely to monitor media coverage the Chinese government deems important.
China has been accused of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics.
Bob Lord, Twitter's director of information security, said in the blog that the attack "was not the work of amateurs, and we do not believe it was an isolated incident."
"The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked," Lord said.
"For that reason, we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."
One expert said the Twitter hack probably happened after an employee's computer was compromised through vulnerabilities in Java.