Twitter Hacked !! This time for Real !

Twitter is sending out emails to 250,000 users it says may have had their accounts compromised in the last week as the site experienced “unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data.” Twitter tells us that this is “not related” to the widespread, but intermittent, outage the site saw yesterday.

The text of the email is below. In its blog post on the hacking, Twitter recommends that all users make sure they have a secure enough password on their account. In truth, there still seems to be some big unanswered questions. Twitter notes that “attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords”, which can also be interpreted as “may not have had access”, or may not have had access to all of those different elements. The reader who sent in the letter below tells us that he had not seen any unusual activity on the account recently — so any password or other kinds of compromises had not yet translated into actions, for him at least.

One coincidence that appears to be emerging is that many of the people who have been affected were among some of the earliest adopters of Twitter. Our reader signed up in 2007, and we have heard similar reports from others receiving the email.

Twitter says that it believes that other websites may have been compromised.

“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” Bob Lord, director of information security at Twitter, notes in the blog post. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.”

Twitter would not comment on whether it had any information on which other companies may have had related attacks — although by coincidence Amazon yesterday also had an outage, although we understands that Amazon has determined that outside groups were not involved. Twitter does, however, refer to the security breaches at both the New York Times and the Wall Street Journal, as well as the recent security issues with Java in browsers, as examples of how hacking is everywhere (and to possibly deflect a little attention from what has just happened on its site).



Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.

You’ll need to create a new password for your Twitter account. You can select a new password at this link:


As always, you can also request a new password from our password-resend page:

Please don’t reuse your old password and be sure to choose a strong password (such as one with a combination of letters, numbers, and symbols).

In general, be sure to:

  • Always check that your browser’s address bar is on a website before entering your password. Phishing sites often look just like Twitter, so check the URL before entering your login information!
  • Avoid using websites or services that promise to get you lots of followers. These sites have been known to send spam updates and damage user accounts.
  • Review your approved connections on your Applications page at If you see any applications that you don’t recognize, click the Revoke Access button.

For more information, visit our help page for hacked or compromised accounts.

According To #Twitter

According to Twitter, it was hacked and 250K accounts were affected, so they received emails from the company to change their password. This is not the first time this has happened, but this time it was a real hack, rather than a blend of real hacks and “false alarm” blast of emails like last time.

Way to start off our weekends, Twitter. Who knows if you’ll even get the email from Twitter about it, I know that I filter all of those things out. You can read all of the details about the hack and the company response here.

I find it really confusing when anything like this happens, because it feels like companies try to diminish the perception of the impact of the situation. Fact of the matter is, its users are seeing sad tweets from their friends about how they got hacked. I even had one person tell me that they felt like they weren’t cool enough because they didn’t get hacked.

Instead, or in addition to, just go change your password. We’re all cool enough to get hacked. The number, 250K affected, seems a bit too tidy to me, and I’m not saying that Twitter is lying, I’m just saying that it’s better to be safe than sorry.

Twitter also suggests this course of action, which is way too much for most people’s brains to process on a Friday:

“We also echo the advisory from the U.S. Department of Homeland Security and security experts to encourage users to disable Java on their computers in their browsers.”

Sure, OK.

Happy Tweeting (Maybe)! While you’re at it, change all of your passwords for everything. It’s a good thing to do once in a while, especially if you use the same one for every single site you log into.

[Photo credit: Flickr]
[-via TechCrunch]

Working together to Fight Bad Ads, Ads Integrity Alliance.


June 14th 2012: StopBadware is announcing the formation of an industry partnership to combat bad ads. Google is pleased to be a founding member of the Ads Integrity Alliance, along with AOL, Facebook, Twitter and the IAB.

Since its beginnings in 2006, StopBadware has enabled many websites, service providers and software providers to share real-time information in order to warn users and significantly eliminate malware (such as viruses, phishing sites and malicious downloads) on the web. We believe that the Ads Integrity Alliance can make a similarly important contribution to the goal of identifying and removing bad ads from all corners of the web.

In 2011, Google alone disabled more than 130 million ads and 800,000 advertisersthat violated our policies on our own and partners’ sites, such as ads that promotecounterfeit goods and malware. You can read more about our efforts to review adsand also see the numbers over time. Other players in the industry also have significant initiatives in this area. But when Google or another website shuts down a bad actor, that scammer often simply tries to advertise elsewhere.

No individual business or law enforcement agency can single-handedly eliminate these bad actors from the entire web. As StopBadware has shown, the best way to tackle common problems across a highly interconnected web, and to move the whole web forward, is for the industry to work together, build best practices and systems, and make information sharing simple.

The alliance led by StopBadware will help the industry fight back together against scammers and bad actors. In particular, it will:

  • Develop and share definitions, industry policy recommendations and best practices
  • Serve as a platform for sharing information about bad actors
  • Share relevant trends with policymakers and law enforcement agencies
Bad ads reduce trust in the web and in online advertising. The web puts the world’s information at your fingertips and has given everyone a platform to speak, listen, engage and unite. The growth that businesses generate from online advertising has enabled an enormous part of this platform. We think the web is worth fighting for, which is why we strongly support the Ads Integrity Alliance’s efforts to tackle bad actors who seek to damage it.

(via Google Blog, Eric Davis, Global Public Policy Manager)

6.5 million LinkedIn Passwords HACKED !! Change Yours Now!

Update: LinkedIn has responded to the issue, updating its official Twitter account to state that it is “looking into reports.” Scroll down for more information.

Already in the spotlight over concerns that its iOS app collects full meeting notes and details from a device’s calendar and sends them back to the company in plain text, LinkedIn user accounts are now said to have been compromised, with 6.5 million hashed and encrypted passwords reportedly leaked.

Norweigan IT webite Dagens IT reported the breach, with 6.5 million encrypted passwords posted to a Russian hacker site. Security researcher Per Thorsheim has also confirmed reports via his Twitter feed, stating that the attackers have posted the encrypted passwords to request help cracking them.

Finnish security firm CERT-FI is warning that whilst user details have not been posted, it is believed that the attackers will have access to user data as well as their passwords.

LinkedIn – Twitter

What should you do? For starters, change your password.

LinkedIn hasn’t responded to reports at the time of writing, so the breach is yet to be confirmed. However, over 300,000 passwords are said to have been decrypted, and more are being cracked as we write this. We suggest you employ good security practises and amend yours, regardless of whether you have been affected or not.

LinkedIn is home to more than 150 million users, suggesting the breach is limited to less than 10% of the professional social network’s userbase, but it will still affect a huge number of users.

The unsalted hashes use SHA-1 encryption, and while it is somewhat secure, it can still be cracked if the user employs a simple dictionary password.

Earlier today we reported that the LinkedIn iOS app collects full meeting notes and details from your device’s calendar and sends them back to the company in plain text.

The information is gathered without explicit permission by a feature that allows users to access their calendar within the app. LinkedIn has took the time to formulate an official response, noting that a new version of the app it on its way.

It also provided a list of what it does and doesn’t do with your data.

We have contacted LinkedIn for clarification on the password breach and will update the article should we receive a response.

-(via The Next Web)

Twitter shows up the X factor via DM’s:

The fate of the 12 remaining contestants on the U.S. version ofThe X Factor will be in the hands of the viewers starting Nov. 2., and they’ll now have a new way to support their favorite performer: Twitter direct message-enabled voting.

Though other shows have used Twitter to create buzz, The X Factor will become the first TV competition to tally DM votes to help determine a winner.

The X Factor has raised the bar for innovative television with its use of Twitter,” says Chloe Sladden, Twitter’s director of content and programming. “We’re thrilled to see the creators of The X Factor push the envelope further by being the first television show to formalize this phenomenon through Twitter voting.”

Social media and technology continue to change the public’s TV-watching experience, but the evolution of social TV has affected competition shows the most.

For example, American Idol let viewers vote on the show’s Facebook Page during season 10. The Voice — a new singing competition that became a 24/7 social media conversation earlier this year — allowed viewers to vote by buying the contestants’ songs on iTunes. And design competition Project Runway let fans use Twitter hashtags to vote for a “Fan Favorite” every episode

The shows hope the new voting methods spark social buzz that will lead to better ratings.

The X Factor offers four other voting methods: Viewers can call, text, go to the show’s website or — if you’re a Verizon subscriber with an Android device — use The Xtra Factor App.

“Launching touch screen voting on Verizon’s The Xtra Factor App and the new voting on Twitter is really exciting,” says the show’s star judge Simon Cowell. “I love that the audience has more and more choice in the way that they can vote.”

To vote on Twitter, viewers must follow @TheXFactorUSA and DM their votes to that handle. Regular tweets will not be tallied. The X Factor has set a limit of 50 votes for viewers voting on the show’s website and on Twitter, while voting via SMS, SMS in-app and telephone is unlimited.

For a full list of contestants’ Twitter handles, click here.

1,600 Advertisers to Twitter.

InstagramTwitter’s Chief Revenue Officer Adam Bain took the stage at IAB’s Mixx Conference today and revealed a few milestones for the communications platform, specifically in the advertising area. Bain said that Twitter now has 1,600 advertisers using the platform to reach consumers, and currently has an 80 percent retention rate with advertisers. Back in July Twitter CEO Dick Costolo said that the number of advertisers on Twitter had gone up by 600 percent, since last year when it was in the hundreds.

Back in March, Twitter partnered with Paramount Pictures to launch the trailer for new film SUPER 8 on Twitter. Bain also said today that Twitter helped Super 8 sell 1 million sneak peek tickets, and opening weekend box office exceeded projections by more than 50 percent. Another example of advertising success on Twitter, was with fashion line Burberry, who launched a fashion show on Twitter and saw 14 percent higher engagement, and saw a 10X lift in brand mentions.

Bain told the audience today that engagements on Twitter ads are defining by clicks on links and retweets.

Costolo told the media a few weeks ago that advertising is a key strategy for the company. “Our advertising method is the only one we need to be a big business,” he said at the time.

eMarketer just released a report indicating that Twitter’s ad revenue is expected to be lower this year, but will grow significantly over the next few years once the platform’s self-serve ad product rolls out. In fact, in 2013, eMarketer estimates worldwide ad revenues at Twitter will reach nearly $400 million.

Photo Credit/Michael Lazerow

-(via Tech crunch)

Twitter Upgrades User Profiles With Image Galleries:

Should you post photos to Twitter via its new photo-uploading tool, or through a third-party photo-sharing service such as yFrog, TwitPic or Instagram, your photos will soon be featured on your Twitter profile in an image gallery.

Twitter is rolling out user galleries, as the feature is called, to members beginning Monday. Galleries will automatically display the 100 most recent images the user has shared by way of Twitter — dating back to January 1, 2010 — from supported photo-sharing services.

Galleries will live on a user’s profile and highlight a few recent images. A visitor can click the “view all” button to see even more images in either a grid view showing image thumbnails or a detail view highlighting the most recent image and the text of the tweet that was shared along with it.

The update ties into Twitter’s photo-sharing push and will dramatically change the appearance of Twitter profiles. Galleries will provide equal billing to images shared via third-party app makers, but also serve to remind users that Twitter is no longer a place just for 140 characters — it’s for photos too. The update is likely designed to entice Twitter users to add more photos to their tweets.

Galleries, at launch, will be image-only. Twitter Communications Manager Carolyn Penner said in a tweet that users can expect to see the update Monday. “We’re rolling out one of my fave features today: user galleries! View photos an account has shared on Twitter. Sit tight – it’s coming soon,” she tweeted.

This slideshow requires JavaScript.

Twitter’s up with a New Feature.

Twitter has rolled out a subtle but significant interface enhancement to its web app, prompting users to publicly reply to a user when they visit that person’s profile page.

You can see how it works in the example I’ve created here using my own Twitter profile, where the field that was formerly empty now reads “Tweet to @ashrules24”.

Perhaps Twitter was hoping the small change would be implemented without fanfare, but keen-eyed user Jeevan Gill (@jsammy17) tweeted to Twitter CEO Jack Dorsey, asking him if this was a new feature. Replied Dorsey, “@jSammy17 as of today!

Even though Twitter just introduced its new Activity tab to its user interface yesterday, for some reason the company decided not to publicize this subtle tweak. Maybe the company didn’t want to get in the way of the social gaming war now underway between Google+ and Facebook.

Even so, any attempt to stimulate further social interaction on Twitter is probably a good idea, especially given the increased competition it’s facing from Google.

Twitpic Founder Launches Twitter Clone.

Revenge is a dish best served cloned. Twitpic founder Noah Everett has unveiled Heello, his feature-for-feature copy of Twitter. The move comes just a day after Twitter completed the rollout of its photo-sharing service — a direct competitor to Twitpic.

Heello looks and acts like Twitter in almost every way. Instead of tweeting, users send “pings” to their followers. Instead of retweeting, users “echo” other posts. And instead of following, friends “listen” to their friends. The only real difference is that updates appear in a user’s stream in real-time, which is quite annoying if you want to click on something in a friend’s tweet.

And if that weren’t enough, Heello boasts Twitter and Facebook integration, so your Heello posts can still go to your other social networks. It also includes a real-time feed of all public activity, which currently contains a number of fake accounts claiming to be CNN, Tumblr and Mark Zuckerberg.

The clone seems more of a publicity stunt than a real business. Twitter blindsided Everett when it launched a feature that was directly competitive to his company, and this may be payback. Nevertheless, Everett told VentureBeat that Heello will soon support video, checkins, SMS integration, mobile apps and a “Channels” feature that works much like Twitter Lists.

Much as we love new social media services, we’re not sure what to make of Heello. If Everett was looking for some attention, well, mission accomplished. But his service will have a tough time gaining traction against Twitter, and its 200 million registered users, without any truly innovative features.

Then again, if there’s one skill entrepreneurs have, it’s the ability to charge ahead with blind optimism, even when the numbers are against you.

Old Version of Twitter to Be Dropped Down This Week:


Twitter is finally retiring the old version of its social media service, nearly a year after the launch of New Twitter.

“If you’re currently using Old Twitter, we want to let you know that you’ll be upgraded to New Twitter this week,” the company announced in a tweet.

Twitter has been warning users since the switch to New Twitter that the old version would eventually be retired. In June, the social media company made its warning more urgent. Twitter informed us at the time that a permanent switch was impending.

Will you miss the old version of Twitter, or is this change long overdue?

Promoted Tweets in Timeline :

Twitter users will start seeing ads in their timeline over the next few weeks. The company officially announced on Thursday that a new Promoted Tweets option will roll out with a number of advertisers.

This is a big move for Twitter, and certainly its most invasive advertising play to-date. Up until now, Promoted Tweets have only shown up in Twitter search or along user’s sidebars as a promoted Trending Topic. Now, Promoted Tweets will show up directly in the stream, with one caveat: you’ll only see ads from accounts that you already follow.

In that sense, Twitter hopes to make the ads something that users will find useful, or at least be able to stomach. The company writes in a blog post: “From the start, our philosophy around advertising has been simple: We put our users first and strive to create products that enrich the Twitter experience for every Twitter user.”

The new breed of Promoted Tweets will sit “at or near” the top of a user’s timeline. However, once a user sees it for the first time, it will begin scrolling down the timeline like other tweets. Twitter also says that the tweets can be “easily dismissed from your timeline with a single click.”

Initial advertisers for the new program include a number of companies that already have significant Twitter following, including Starbucks, JetBlue, Gatorade, Groupon, HBO and Sephora. A number of non-profits including The American Red Cross and charity: water are also participating.

The launch doesn’t come as a surprise — it’s long been suspected that Twitter would put ads in the stream.