Twitter Inc (NYSE:TWTR) has resumed its TweetDeck service after it was temporarily suspended following a hack attack on Wednesday. Just a day before, a cross-site scripting (XSS) was found on a TweetDeck client, which could have compromised the security of millions of accounts.
“We’ve verified our security fix and have turned TweetDeck services back on for all users,” says the TweetDeck account.
User’s private information at risk
The official account of TweetDeck announced that the issue has been resolved and users should re-log into their account for the latest update. Other Twitter web interfaces along with the apps like Echofon running on API were not affected.
Earlier, TweetDeck posted on its official account, “We’ve temporarily taken TweetDeck services down to assess today’s earlier security issue. We’ll update when services are back up.”
The affected version of TweetDeck started running javascript code contained in Tweets from other sites. Although most of the attacks are nothing more than irritations and open warning dialogues on Twitter Inc (NYSE:TWTR) users computers, one specific version created a retweet and was shared 38,000 times in two minutes. Another attack changed the font on TweetDeck to Comic Sans.
These attacks could result in hacking of accounts, posting tweets, changing unfollow and follow people and more. The script is capable of causing other damage like sending a user’s private information to the hacker such as passwords, username and card numbers. XSS is capable of stealing the cookie sign on information, which means that users should change or delete all their saved passwords and sign in again on a secure browser session and change their logins.
Similar attacks on Twitter
Twitter Inc (NYSE:TWTR) acquired TweetDeck, a British company, for about £25m ($40m) in May 2011. There has not been any comment from the company. TweetDeck primarily focuess on professionals, providing a web or app-based interface showing multiple results of different searches and users. TweetDeck enables users to align their tweet streams and gives a more comfortable view of Twitter feeds.
Back in 2013, the Twitter Inc (NYSE:TWTR) accounts of The Associated Press were also hacked, and tweeted a false attack on White House. Back in 2010, the micro-blogging site suffered another attack, which was revealed by an Australian teenager.
