BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Twitter Denies User Accounts Have Been Compromised by Hacker

From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Wed, 21 Aug 2013 03:52:40 -0400
http://news.softpedia.com/news/Twitter-Denies-User-Accounts-Have-Been-Compromised-by-Hacker-376999.shtml

Twitter has denied that any user accounts have been compromised. The
statement comes after Mauritania Attacker, a member of AnonGhost,
leaked the details of 15,000 accounts and claimed to have gained
access to Twitter’s entire user database.

The leaked data – comprised of Twitter IDs, usernames, OAuth tokens
and secret OAuth tokens – was published by the hacker on Zippyshare.

“We have investigated the situation and can confirm that no Twitter
accounts were compromised,” Twitter representatives have told The
Guardian.

Lee J of Cyber War News has also confirmed that the data doesn’t come
from Twitter.

He has determined that the data is old, mostly being comprised of
suspended and inactive accounts. The information has been most likely
taken from a Turkey-based service.

In reality, the AnonGhost collective, of which Mauritania Attacker is
part of, is known for suspicious hacks.

In OpIsrael, the group claimed to have hacked over 100,000 websites,
40,000 Facebook accounts and 5,000 Twitter accounts, causing losses of
billions of dollars.

Both experts and Israeli officials have determined that, in reality,
there was hardly any real damage.

AnonGhost also took part in OpUSA, another campaign that consisted
mainly of fake leaks, “pedestrian” DDOS attacks, and small website
defacements.

In June, the same group also claimed to have obtained the email logins
of Mozilla managers. The company immediately clarified that the
16-character strings leaked by the hackers were not passwords.

The group hacked and defaced hundreds, maybe thousands of websites in
the past. However, their claims, especially in the case of data leaks,
should not be trusted without a thorough analysis of the published
information.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: