Last time Hacker Croll had gained access to the Twitter administration console, giving him access to the accounts of millions of Twitter users. His intention seemed to be to embarrass the micro-blogging network as he posted screenshots revealing that he'd been able to access private information regarding the accounts of the likes of Barack Obama, Britney Spears, Ashton Kutcher and Lily Allen.
How had the hacker wormed his way in? By resetting the employee's Yahoo password after guessing the answer to their online "secret question" and finding the information about their Twitter login credentials inside.
Now it has become clear that Hacker Croll has also stolen confidential corporate documents and shared the information with popular website TechCrunch.
TechCrunch founder Michael Arrington says his site was sent 310 documents, including information about employees, their credit card numbers, confidential contracts with the likes of Nokia, AOL and Microsoft, email conversations with show business celebrities, phone numbers, plans for a TV show, financial projections, meeting reports and salary information.
Again, online email systems and poor password security appears to have been the weak link. A Twitter employee was using the same password on more than one website, and the hacker was able to determine it. This opened a treasure trove of corporate information that the company was storing in Google Docs, Google Calendars and Gmail.
Before any of us feel too smug about this - ask yourself this question: Do you use the same password on multiple websites? Because research conducted by Sophos shows that 33% of people do precisely that all the time.
Very few computer users seem to have woken up to the risks of using weak passwords and the same ones for every site they visit. With social networking and other internet accounts now even more popular, there's plenty on offer for hackers and by using the same password to access Facebook, Gmail and your Ebay account, you're making it much easier for them.
In the case of the Twitter security leak, for instance, it's even reported that the hacker gained access to Twitter's domain name account on GoDaddy and could have redirected the traffic to another IP address, perhaps with malicious intent.
I suspect that the people at Twitter have learnt their lesson now. They have reportedly told their staff to change their passwords to unique, non-dictionary words, are introducing two factor authentication, and have advised their millions of users to never use the same password on multiple websites. Of course, there is more they could be doing to better protect their users - but at least they're making a start.
If I were one of the bosses at Twitter I would be feeling pretty embarrassed by what's happened, but I would also have some other emotions.
More Web Hosting News:
http://fearoutweighs.blogspot.com/
http://webotcpicks.blogspot.com/
http://webhostversaweb.blogspot.com/
http://webhostslights.blogspot.com/
http://godaddydelivers.blogspot.com/
http://godaddyreleases.blogspot.com/
http://moneywebhost.blogspot.com/
Friday, July 17, 2009
Web Hosting
Today we see lot's of concern over Bandwidth and Data Transfer cost's. There have even been suggestions from certain ISP providers of charging by the Gig for Bandwidth. These cost's sometimes end up getting floated over in the purchase of Web Hosting Plans. This should be the last place that we see these types of increases on the usage of Bandwidth. Most often, We are already paying to much for these types of Hosting Plans.
Subscribe to:
Posts (Atom)