Twitter has revealed that they have identified a number of Torrent sites aimed at stealing the login names and passwords of the social networking sites’ users. Due to a number of individuals using the same login information across a range of sites the compromised torrent sites, which hold indexes of links to music, film and TV files, were able to hack into Twitter accounts.
Reassuring users that any account affected by the scheme had been reset and the Twitter individual notified, they expressed “The takeaway from this is that people are continuing to use the same email address and password (or a variant) on multiple sites. We strongly suggest that you use different passwords for each service you sign up for.” Explaining the scheme using the compromised Torrent sites, they added “It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own. This person then waited for the forums and sites to get popular and then used those exploits to get access to the username, e-mail address, and password of every person who had signed up.”
The case has highlighted the importance for all internet users to change login and password information for each service that is signed up for. Trusteer, the online security firm expressed concern that a possible 73per cent of the population uses the same account information for banking sites and other, non secure, services with the firms’ Amit Klein saying “Consumers are not aware, or are choosing to ignore, the security implications of reusing their banking credentials on multiple websites.”
