The social networking site said usernames, email addresses and encrypted passwords may have been taken during an "extremely sophisticated" attack on its systems.
It said one attack was shut down moments after it was detected, adding that the passwords of users who may have been affected had been reset.
In a blog posting, Bob Lord, director of information security at Twitter, said there had been "a recent uptick in large-scale security attacks aimed at US technology and media companies", with the New York Times among those targeted.
He said: "Our investigation has indicated the attackers may have had access to limited user information - usernames, email addresses, session tokens and encrypted/salted versions of passwords - for approximately 250,000 users.
"As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts."
"This attack was not the work of amateurs and we do not believe it was an isolated incident," he added. "The attackers were extremely sophisticated and we believe other companies and organisations have also been recently similarly attacked."
Mr Lord said that although "only a very small percentage" of users were potentially affected, everyone who uses the site should ensure their password is secure.
He said passwords should be at least 10 characters long, contain upper and lowercase letters, numbers and symbols, and be different to passwords used for other online accounts.
No comments:
Post a Comment