Twitter Spam Attack Highlights Need for Different Passwords, Sophos Reports

MUMBAI / BANGALORE, India – December 14, 2010 – IT security and control firm Sophos is today reminding computer users of the importance of maintaining different, hard-to-guess passwords for all their online accounts, following reports that a recent security breach at Gawker Media – which involved the leaking of user passwords for sites such as Gizmodo and Lifehacker – has now been linked to a widespread spam campaign on Twitter.  As many as 1.3 million account details are believed to have been stolen from Gawker’s servers, and have since been posted on sites like Pirate Bay.

Hundreds of thousands of Twitter accounts appear to have been compromised by hackers, who have spread spam promoting an Acai Berry diet.  According to Del Harvey, Twitter’s director of trust and safety, the messages seem to have been posted from accounts where users were using the same password on both Twitter and Gawker.

“The key issue here is that too many users – as much as a third – are still using the same password for every website they access,” said Graham Cluley, Senior Technology Consultant at Sophos.  “Once one password has been compromised, it’s only a matter of time before the fraudsters will be able to gain access to your other accounts and steal information for financial gain.  Password security is becoming more important than ever. Make sure that you’re taking the issue seriously, or suffer the consequences.”

In a poll of 676 computer users in March 2009, Sophos found that 33% used the same password all the time, 48% used a few different ones and only 19% never used the same passwords for different websites.

Sophos has produced a video, which sites are free to embed, that demonstrates a method of selecting a strong password.

For more information and images, please visit the Sophos Naked Security blog.

# # #

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use, and that deliver the industry’s lowest TCO. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs—a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards. Sophos is headquartered in Oxford, UK and Boston, US. More information is available at

