TweetGif Hacked -LulzSec Reborn Leaks 10,000 Twitter Accounts
LulzSec Reborn the newly formed hacker group who are claiming to be a part of hacktivist Anonymous strikes again. Earlier this hacker collective group represented themselves as revised version of infamous LulzSec or Lulz Security. Earlier in this year this group also behind the breach of MilitarySingles.com & CSS Corp- Global Information & Communication Technology Service where more that 170K of military details get exposed. Now this group is taking responsibility for leaking 10,000 usernames and passwords of members who used TweetGif, an animated Gif-sharing application.
TweetGif let users share GIFs, required users to share information including their real names, passwords, bios, locations and secret tokens and so on.
In a pastebin note LulzSec Reborn merely linked to a destination for people to download the .SQL file containing an unusually detailed trove of information on each member: usernames, real names, locations, bios, avatars, OAuth tokens used to authenticate TweetGif to pull Twitter data, and even their last tweet. Though the hackers' motivations are unclear at this point or n other word the hacker group did not mention any proper reason of this hack.
Reaction of Twitter :-
"We can confirm that all Twitter account passwords have remained secure, and no breach of our systems has occurred in connection with the events experienced by TweetGif. Regarding how TweetGif was compromised, we can't speak on their behalf.
Since this application used OAuth, no user passwords were exposed; for more information on why OAuth is our recommend connection method to grant an application access to your account, please see our help pages on Safety: Keeping Your Account Secure and How to Connect and Revoke Third Party Applications. "