A post in the Twitter Blog (by @Biz) clarifies that the attack had nothing to do with any “security vulnerability issues in Google Apps” as widely reported by major blogs and media. This was more of a personal attack where the hacker was able to probably guess the password and get access to personal accounts of the user.

From the blog:

About a month ago, an administrative employee here at Twitter was targeted and her personal email account was hacked. From the personal account, we believe the hacker was able to gain information which allowed access to this employee’s Google Apps account which contained Docs, Calendars, and other Google Apps Twitter relies on for sharing notes, spreadsheets, ideas, financial details and more within the company. Since then, we have performed a security audit and reminded everyone of the importance of personal security guidelines.

This attack had nothing to do with any vulnerability in Google Apps which we continue to use. This is more about Twitter being in enough of a spotlight that folks who work here can become targets. In fact, around the same time, Evan’s wife’s personal email was hacked and from there, the hacker was able to gain access to some of Evan’s personal accounts such as Amazon and PayPal but not email. This isn’t about any flaw in web apps, it speaks to the importance of following good personal security guidelines such as choosing strong passwords.

Read more here….

(Pic: from Twitter Blog)

Popularity: 1% [?]