Dubious honor: I'm among the 250,000 Twitter users for whom "limited user information" might have been accessed. That includes usernames, e-mail addresses, session tokens, and encrypted/salted (i.e. not plaintext) passwords. Twitter reset passwords for us, which was wise. For those of you recycling passwords on many sites, be warned. For those of you running sites without dual-factor authentication, get with the program.

Here's how Twitter concluded its alert:

"This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."
Shared publiclyView activity