Last night, Twitter was hijacked by the "Iranian Cyber Army"; while there've been no confirmed password leaks or anything of the sort, now seems to us like a great time to change up your passwords. Here's why:
The Twitter blog reported that the problem was due to compromised DNS records, meaning that the hackers were able to redirect user requests for Twitter.com to their own server — which served up the page in the screenshot above. Although the redirect doesn't appear to have done anything malicious beyond that — and a DNS hijack doesn't mean the hackers would have access to Twitter's database — the hackers could just as easily easily have set up a fake login page and harvested plenty of passwords phishing-style if they had wanted to. Which is why — even though this DNS hijack appears to have been relatively benign — we think now's a very good time to do a little password refreshing (particularly if you use your Twitter password elsewhere).
Luckily we've been down this territory before. with detailed how to choose good security questions and answers. After Sarah Palin's email account was hacked last year, we also went in depth with a few more tips for protecting your email from hackers.
All those new strong passwords can be a pain to remember, which is why we'd also recommend securely tracking your passwords with KeePass. You get the benefit of rock-solid passwords without the hassle of remembering every character of your long password (complete with mix-case letters, numbers and characters).
Twitter Hacked, Defaced By "Iranian Cyber Army" [TechCrunch]