Although Twitter hasn’t revealed who may have been victimized in last week’s suspected massive account hack, an analysis suggests that accounts with high levels of influence may have been among those affected.
Within days of accusations that hackers in China were responsible for network breaches at The New York Times and The Wall Street Journal, the microblogging site revealed Friday that about 250,000 accounts might have been compromised. In e-mails to affected users, Twitter said it reset passwords for accounts it suspected of being compromised after identifying unauthorized attempts to access Twitter user data.
“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” Twitter said in a company blog post Friday explaining its action. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”
Now it appears that key media outlets, high-level elected officials, and influential journalists and tech figures may have been affected, including the Twitter account of President Obama and Vice President Joe Biden. Seventeen percent of the 100 most influential accounts in politics were possibly affected, including House Speaker John Boehner (@johnboehner), House Majority leader Eric Cantor (@EricCantor), and Republican tech strategist Patrick Ruffini (@PatrickRuffini), according to analysis by PeerReach.
Because of the hackers’ attack — which could have been intended to snare influential tech figures — 70 percent of PeerReach’s Webtech top 100 list, including @TechCrunch, Evan Williams (@ev), Tim O’Reilly (@timoreilly), Fred Wilson (@fredwilson), Om Malik (@om), and Kara Swisher (@karaswisher), were among those whose Twitter accounts had their passwords reset, the analyst reported, noting that the impacted accounts appeared to be early adopters who launched their accounts prior to 2007.
Meanwhile, 22 percent of the account linked to the analyst’s list of 100 most influential media outlets may also have been breached, according to PeerReach, including @nytimes, @reuters, @cnn, and @foxnews.
Despite the password reset, PeerReach notes that because many users recycle their credentials on a variety of sites, the hack still poses a threat:
If the hackers have 250,000 encrypted passwords in their possession they have all time of the world to break these passwords. Although the compromised accounts are forced to change their passwords, many are likely to have re-used passwords for other applications such as email, domain names and other critical services. This gives the criminals great possibilities, in combination with Social Engineering, to continue their campaign against other media sources.