Skip to main content

Twitter Users Warned of 'State-Sponsored' Hacking

Last week, Twitter warned a small number of its users that their accounts may have been targeted by state-sponsored attackers. According to a email message purportedly from Twitter and reposted online, the attacks sought to access account information, including "email addresses, IP addresses and/or phone numbers."

In the purported email message, which also suggested that its recipients consider using the Tor anonymizing service, Twitter explained that it was unable to confirm if any account data had been compromised, and that the company would continue to actively investigate the situation. Twitter has not released any public statement on the topic, so we don't know how many users it notified, or how many accounts may have been affected. But a Twitter list of users who reported receiving the notifications stands at approximately 35 users.

MORE: What Is Tor?

The phrase "state-sponsored attackers" normally means that a government intelligence agency, or hackers working at the behest of one, is responsible for an attack. In the notification emails, Twitter did not point any fingers at a specific nation, or indicate whether there may have been multiple actors at play.

In recent years, Facebook and Google have sent similar alerts to users, often government employees or political figures, but this is the first time Twitter is known to have done so.

The users who have publicly stated receiving notification emails from Twitter have one thing in common: interest in or activism on behalf of online privacy and digital rights. Some of the accounts belong to Tor developers and promoters; one of the targeted users, Niño Orsino, who tweets under the name @hispahack, is a developer of the Tor alternative the Invisible Internet Project, or I2P.

The holders of the supporedly targeted accounts are primarily in North America (the United States and Canada) and Europe (France, Germany, Hungary, Austria and Switzerland), plus one in South Korea.

Twitter told these targeted users that these attacks would be of concern to those who "tweet using a pseudonym" — despite the fact that several notification recipients identify themselves by their real names on Twitter. And while Twitter endorsed using Tor, the social network has a history of blocking Tor users from accessing Twitter.

Tor is also far from perfect. It has some well-known security flaws, and many security experts no longer seeing it as a viable way to cover one's digital tracks.