/>
X

Twitter says no accounts compromised after OAuth token 'hack'

The microblogging site said no accounts have been compromised after a hacker claimed to have acquired user details by allegedly breaking into its databases.
zack-whittaker-hs2016-rtsquare-1.jpg
Written by Zack Whittaker, Writer-editor on
twitter-fail-whale
Image: Twitter

Twitter has denied claims by a hacker that he downloaded user data, including passwords, from its databases, saying there has been no such breach of its security. 

The hacker, going by the name "Mauritania Attacker," understood to be in the West African country, said he had in his possession "the entire database of users on Twitter," according to Indian site Techworm who spoke to him on Tuesday.

But security researchers were quick to suggest that Twitter was not the victim of an elaborate hack — or any hack for that matter. A third-party app is understood to be at fault, which may have leaked as many as 15,000 account details.

A Twitter spokesperson said, via The Guardian: "We have investigated the situation and can confirm that no Twitter accounts were compromised."

Instead, the OAuth tokens, which he claims can be used to directly log in to user accounts for thousands of users of the microblogging site, were subsequently uploaded to file-sharing site Zippyshare.

These tokens are used to verify apps connecting to the microblogging service. They are not sufficient on their own to log in to Twitter, but could be used to direct further attacks on unsuspecting victims. 

The best practice for users thought to be affected by the data snatch is to revoke and re-establish access to third-party apps, GigaOm wrote on Tuesday.

After a series of high-profile account hijacks this year, from the Associated Press, and our very own sister site CBS News, Twitter implemented two-step authentication to bolster account security,

Related

Delta Air Lines just made an embarrassing announcement (you may be livid)
screen-shot-2022-06-22-at-3-50-54-pm.png

Delta Air Lines just made an embarrassing announcement (you may be livid)

Business
US weather, climate forecasting is about to get way better
screen-shot-2017-09-07-at-1.jpg

US weather, climate forecasting is about to get way better

Innovation
Cybersecurity leaders are anticipating mass resignations within the year - here's why
cybersecurity

Cybersecurity leaders are anticipating mass resignations within the year - here's why

Security