Twitter has begun notifying account holders who the company believes are being targeted by state-sponsored hackers, following in the footsteps of Google and Facebook as government-hired cyber spies continue to set their sights on social media.
At least a dozen Twitter users received warnings from the company on Friday informing them of suspicious activity linked to their accounts.
“As a precaution, we are alerting you that your Twitter account is one of a small group of accounts that may have been targeted by state-sponsored actors. We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses, and/or phone numbers,” the messages all began.
“At this time, we have no evidence they obtained your account information, but we’re actively investigating this matter. We wish we had more we could share, but we don’t have any additional information we can provide at this time,” the warnings continued.
The Tor Project, a U.S.-based nonprofit, oversees Tor, a specialized Web browser that enables individuals to browse the Internet anonymously to evade eavesdroppers and online restrictions.
“I spend a lot of time talking about how to protect your information and digital security in general,” Runa Sandvik, a security researcher formerly employed by the Tor Project, told Motherboard, adding that “it didn’t seem like there was a really clear link” between her account and others who had received the warnings.
“Twitter suggests in their message that it’s possible that I wasn’t the target, and that seems likely to me,” added Canadian software developer Phil Schleihauf. “That said, while I don’t personally work on security research, I’m somewhat engaged in that community and know/follow/interact with people who do, so maybe they were targeting broadly?”
While Friday’s notifications marked a first for Twitter, Google began warning users of similarly suspicious activity in 2012, with Facebook following suit this past November.
Senior officials in the United States government have since said that State Department employees had their Facebook accounts targeted by foreign hackers in recent weeks, and only learned as much after receiving warning from the site’s security team.
Check Point, an Israeli cybersecurity company, told The New York Times last month that hackers working on behalf of the Iranian government allegedly made more than 1,500 attempts at compromising the social media accounts of State Department employees in May, then briefly put that campaign on hold before reigniting it after officials in Tehran ironed out a nuclear arrangement in July.
Once that deal was complete, the paper reported, the state-sponsored hackers attempted to hack the Facebook accounts of some 1,600 individuals ranging from members of academia to government officials, journalists and human rights activists — likely in an attempt to compromise their personal or work computers by tricking targets into clicking links on social media that load malicious software.