
15,000 Twitter Credentials Stolen and Leaked, Hacker Promises More Soon

By Jason Manteiga | August 23, 2013 (updated March 6th, 2023) | Cybersecurity

Twitter users need to be on the lookout for third-party application connections to their accounts, and should disconnect and reconnect all of them to sidestep hacking attempts.

In fact, that's advice straight from the hacker who leaked 15,167 Twitter credentials on Tuesday. The hacker, Mauritania, told Techworm that he planned on stealing the "entire database of Twitter users [credentials]" and that "no [Twitter] account is safe". Depending on how he "feels," however, he may or may not release the data he acquires.

While the information stolen thus far doesn't include any hashed or unhashed passwords, it does include Twitter IDs, pictures, and OAuth tokens. An OAuth token is what lets an application access a Twitter account on your behalf without you logging in with a password each and every time; it is primarily used for third-party application login. So while having an OAuth token is not quite as good as having a password, it can technically grant access to a Twitter account.

Twitter has not come out with an official statement nor report on the issue, but the hacker himself says that there is an easy solution. Simply revoke all third-party access to your Twitter account, then reengage all of it. This will invalidate the OAuth tokens being used, and will render any data he stole useless until a second hacking attempt is made.

However, experts believe that Mauritania hacked into a third-party application that used OAuth tokens instead of Twitter itself, and that Twitter suffered no breach.

Mauritania isn't the first person to expose the problem with OAuth tokens, which work the same way on Facebook, Instagram, and Twitter. OAuth tokens don't expire, and thus can be used to log in indefinitely until they are manually reset by disconnecting and reconnecting a third-party application.
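To make the revoke-and-reconnect advice concrete, here is a toy model of the provider-side token table (an added example, not Twitter's code and not from the original article): revoking an app deletes its tokens, so a leaked copy stops verifying, while the optional lifetime shows the expiry the article says these tokens lacked. The `TokenStore` class, the hashed-at-rest storage and the user/app names are assumptions.

```python
import hashlib
import secrets


class TokenStore:
    """Toy provider-side OAuth access-token table (constructed example).
    Tokens are stored hashed, so a copy of this table alone cannot be replayed,
    and they never expire unless a lifetime is given (the 2013-era behaviour)."""

    def __init__(self, lifetime_seconds=None):
        self._live = {}      # sha256(token) -> (user, app, issued_at)
        self.lifetime = lifetime_seconds

    @staticmethod
    def _h(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, app, now=0.0):
        """User authorizes `app`: mint a random token and record only its hash."""
        token = secrets.token_urlsafe(32)
        self._live[self._h(token)] = (user, app, now)
        return token

    def revoke_app(self, user, app):
        """User disconnects `app` in settings: every token for that pair dies."""
        dead = [h for h, (u, a, _) in self._live.items() if (u, a) == (user, app)]
        for h in dead:
            del self._live[h]
        return len(dead)

    def verify(self, token, now=0.0):
        """Return (user, app) if the presented token is still live, else None."""
        entry = self._live.get(self._h(token))
        if entry is None:
            return None
        user, app, issued_at = entry
        if self.lifetime is not None and now - issued_at > self.lifetime:
            return None  # expired: the control the article says these tokens lacked
        return (user, app)


def revoke_and_reconnect_defeats_leak():
    """Model the article's advice: a stolen token is useless after revoke + reconnect."""
    store = TokenStore()
    leaked = store.issue("alice", "tweet-scheduler")  # attacker's copy from the app's database
    before = store.verify(leaked)
    store.revoke_app("alice", "tweet-scheduler")      # user disconnects the app
    fresh = store.issue("alice", "tweet-scheduler")    # user reconnects it
    return (before == ("alice", "tweet-scheduler"),
            store.verify(leaked) is None,
            store.verify(fresh) == ("alice", "tweet-scheduler"))
```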

Skype, Dropbox, and Facebook have all reported that they have fixed OAuth vulnerabilities on their websites since Mauritania spoke with Techworm, but nothing has been heard from Twitter as of today.

So remember: simply revoke access to third-party applications and reconnect your account to said applications using the Twitter settings page while Twitter addresses the issue on its end.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for the past 20 years. He believes that having a great work environment and a supportive team is the ultimate key to success. In his more than 25 years in IT, Jason, along with Olmec Systems, has been named to the Inc. 5000 "List of America's Fastest Growing Private Companies" and the Channel Futures MSP 501 "Top Managed Service Providers in North America," along with other awards and nominations. Jason earned his Bachelor's Degree in Information Systems from the New Jersey Institute of Technology. He also holds Microsoft MCSE, VMware VCP, and Cisco CCNA certifications. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.