In association with heise online

12 June 2012, 15:23

Thousands of Twitter accounts wide open after TweetGif hack

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

TweetGif logo Part of a database containing the credentials for more than 8,000 Twitter accounts, apparently obtained from the TweetGif image hosting service, is currently circulating online. The extract contains access tokens and the associated access token secrets which can be used to access users' Twitter accounts.

Users log into the third-party TweetGif app using their Twitter account, and Twitter then provides TweetGif with an access token. This token allows TweetGif to access the user's Twitter account in perpetuity without having to request permission each time it wishes to do so.

The tokens remain valid even when the account password is changed. As a precautionary measure, anyone who has used TweetGif in the past is advised to revoke the service's access rights under Settings ➤ Apps on The LulzSecReborn Hacker group has already claimed responsibility for leaking the user data. The group was also responsible for publishing data from the e-dating web site and from security services provider CSS Corp earlier this year.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit