LulzSec Reborn, the self-proclaimed reincarnation of the disbanded Lulz Security, has posted about 10,000 Twitter usernames and passwords on Pastebin. The leaked Twitter accounts are from people who use TweetGif, a third-party app that lets users share animated GIFs.
What’s concerning about the file is that it doesn’t just contain Twitter usernames and passwords. It also contains publicly available information, including users’ real names, locations, Twitter biographies, and links to Twitter avatars, as well as secret tokens used to authorize TweetGif. The file also shows the timestamp of each user’s last tweet.
LulzSec Reborn did not say why it posted the account information.
With 10,000 accounts breached, this Twitter-related hack actually isn’t all that impressive. Just last month hackers posted more than 50,000 Twitter account usernames and passwords to Pastebin, and in 2009 multiple celebrity Twitter accounts were hacked, including those of President Obama, CNN anchor Rick Sanchez, and pop star Britney Spears. This breach also only affects users of TweetGif, which is a relatively small app. (According to PC Magazine, it has less than 75,000 visitors globally.)
However, if you happen to use TweetGif, you should check to see whether your account information has been compromised. To check, go to this Pastebin link and follow the embedupload link from the post. Download the .SQL file using one of the services (such as RapidShare). Next, download Notepad++ and install it on your computer. You can now open the .SQL file in Notepad++ and search the document. To find your Twitter name (if it happens to be there), just hit Ctrl + F and type in your username.
Even if you don’t find your account in the leaked file, you may want to change your Twitter password…just in case.