CNN anchor Rick Sanchez wasn't really high on crack this morning, and the reason his Twitter feed said so wasn't the phishing scam that's been going around--it was a lone hacker, the microblogging service said later on Monday.
"The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend," a post on the Twitter blog explained. "These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the e-mail address associated with their Twitter account when they can't remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We'll put them back only when they're safe and secure."
The same hacker was responsible for compromising a number of Twitter's most popular accounts, including those belonging to pop singer Britney Spears, media outlet Fox News, and President-elect Barack Obama.
Twitter has said, meanwhile, that the phishing scam--which used messages from Twitter friends to trick users into entering their user names and passwords into a bogus log-in screen--is under control. "Our on-call team was able to attend to the matter quickly and prevent too many people from being affected," Twitter's blog post read. "Our support team is definitely going to have a busy week because we reset a bunch of passwords just to be on the safe side."
(Credit:
Twitter, screengrab by Ian Schafer (ianschafer.com))
Clarification: Twitter has clarified that this incident was the work of a hacker and separate from the phishing scheme.
CNN anchor Rick Sanchez is one of the most popular users on microblogging service Twitter, with nearly 40,000 followers and a Twitterholic rank in the top 20. Unfortunately for Sanchez, it looks like he fell victim to the phishing scam that has been plaguing the popular service for several days now.
In a "tweet" that has since been deleted, Sanchez's account displayed the message "i am high on crack right now might not be coming into work today"--and we're pretty sure that did not come from Sanchez himself. He has now posted a response tweet explaining that his account was hacked.
Over the weekend, reports began to surface that there was a password-stealing phishing scam making the rounds on Twitter. Disguising itself as a private message that led to a fake Twitter log-in screen, the scam was widespread enough for Twitter to put a warning message on all members' home pages alerting them of the issue.
Why did so many people fall for it? Well, the fake Twitter log-in screen looked pretty darn authentic. And because there are so many third-party applications based on Twitter's application program interface (API), tons of avid users are used to throwing their Twitter passwords around left and right. That is, it goes without saying, probably not the safest habit to get into.
It looks as if the aim of the phishing scam may have been to take over the accounts of some of the service's most popular users: the account for Fox News, as well as pop singer Britney Spears, also had their passwords stolen and offensive tweets sent out. The Fox News tweet, for the record, concerned the sexual orientation of pundit Bill O'Reilly; the Spears tweet made some tawdry allegations about her naughty bits.
UPDATE: Twitter has posted an official blog entry explaining that this is different from the phishing issue. Rather, it was a hacker's doing:
The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can't remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We'll put them back only when they're safe and secure.
Props to marketing blogger Ian Schafer for grabbing this screenshot.
- prev
- 1
- next
