February 1, 2013. In a very laid-back “we don’t want to scare you” type of blog post, Twitter announced that a quarter of million of its accounts have been hacked. The hackers took usernames, email addresses, and yes, passwords.
Twitter has reset the passwords of the 250,000 accounts that it thinks were compromised, but did they get them all? They also said, “This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.“
In plain English that means that they now have email/username/password combinations that they will try on other sites. They will sell this information to other hackers who will try those combinations on other sites.
Here’s what Regina Smola at WP Security Lock suggests whenever there is a major hack attack:
- Change your password immediately at the site that has been hacked. Even if Twitter doesn’t identify you as one of the unlucky accounts, better safe than sorry.
- If you are using the same password on other sites, change those also.
- If you are using the same password on other sites, stop doing that! With tools like Roboform, there is no excuse for having a weak password that you use everywhere. Not only will it remember your passwords and log you into secure websites, it will generate strong passwords for you.
- If you are unsure how secure your password really is, test it at How Secure is My Password.
OK. That’s all for now. I’ve got to go change my Twitter passwords. Be sure to share this post on Facebook, Twitter & Google+ to warn your friends before they become a victim.
