Around 250,000 twitter accounts were breached as per a mail sent out by Twitter. The mail was sent as a warning mail to users telling them that their accounts may have been compromised in the last week. Investigation revealed that attackers were able to access usernames, email addresses, session tokens, and encrypted/salted passwords.
Twitter sent out emails to these users letting them know that the site had reset their passwords. Users will have to create new passwords to access their accounts.
Bob Lord, director of information security, wrote on the Twitter blog
“This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,” read the blog. “For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”