Twitter is warning users of state-sponsored cyber attacks, a small number of users, including a few connected to security and privacy advocacy, have been notified that their accounts were targeted by nation-state hackers.
The Twitter users received the notifications in the inboxes, the warning messages started a couple of days ago.
Twitter informed its users that hackers, likely associated with “a government,” were trying to compromise their account. The attackers were trying to steal users’ information, including email addresses, IP addresses and phone numbers linked to accounts.
“We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses and/or phone numbers,” Twitter said in its notification.
“At this time, we have no evidence they obtained your account information, but we’re actively investigating this matter,” “We wish we had more we could share, but we don’t have any additional information we can provide at this time.”
According to Motherboard, coldhack, a Canadian “nonprofit dedicated to furthering privacy, security and freedom of speech,” first twitted about the mysterious notification.
Colin Childs, one of the founding directors of coldhak, is a contractor for Tor Project , this could be a possible motivation for the alleged attack.
— coldhak (@coldhakca) 11 Dicembre 2015
Another user of the popular platform that received the notification is Runa Sandvik, a privacy and security researcher and a former Tor Project member.
Twitter reported that targeted users belong organizations like the Electronic Frontier Foundation and Tor Project.
It is the first time that Twitter warns its users of targeted attacks, in October Facebook launched a similar initiative warning its users of nation-state attacks. Back 2012, Google launched it notification service.
It is not clear how both Twitter and Facebook attribute the attacks to alleged state-sponsored attacks, in the case of the Twitter’s warnings it is not clear if the popular platform was hacked whether the accounts were targeted individually.
(Security Affairs – cyber espionage, state-sponsored attacks)