Hackers may have been attempting to get personal information, like email addresses or phone numbers.
Twitter has notified a group of users it believes may have had their accounts hacked by “state-sponsored actors” over the weekend, the Guardian reported today (Dec. 14). The publication lists over 30 accounts that have apparently been contacted via email by the social-networking site.
According to newspaper, Twitter sent a message to users saying that hackers may have been attempting to get personal information, like email addresses or phone numbers, though hacking Twitter accounts. Most of the users appear to have ties to the IT security industry.
In its email, Twitter said it has “no evidence” to assume that hackers have succeeded. Some users have posted the email they received on Twitter itself, and the full text reads:
As a precaution, we are alerting you that your Twitter account is one of a small group of accounts that may have been targeted by state-sponsored actors. We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses, and/or phone numbers.
At this time, we have no evidence they obtained you account information, but we’re actively investigating this matter. We wish we had more we could share, but we don’t have any additional information at this time.
It’s possible your account may not have been an intended target of the suspected activity, but we wanted to alert you as soon as possible. We recognize that this may be of particular concern if you choose to Tweet using a pseudonym. For tips on protecting your identity online, you may want to visit the Tor Project or EFF’s Protecting Yourself on Social Networks.
Quartz has reached out to Twitter to confirm the veracity of these emails, and how many people they were sent to, and will update this post as necessary.
As the Guardian points out, both Facebook and Google have previously set up warning systems for accounts that they believe to have potentially been hacked by governments, but have not said how they determine the difference between these hacks and those committed by regular people.