Microblogging site Twitter is warning certain users via email that they may be potential targets of "state-sponsored" hackers, who may steal telephone numbers, email IDs, and Internet Protocol (IP) addresses. The email advises users to take precaution to protect their personal information and offers a link to information on Tor, a software that allows for anonymous communication on the internet.
According to Twitter, it is possible that the hacks may not have been targeting these users. "At this time, we have no evidence they obtained your account information, but we're actively investigating this matter. We wish we had more we could share, but we don't have any additional information we can provide at this time," says the email sent by the company.
A Canadian non-profit organisation Coldhak tweeted a copy of the email they received from Twitter:
State-sponsored cyber attacks have been in the limelight for a while now, with the most prominent case being that of an alleged North Korean government-backed group hacking into Sony pictures in 2014. Hackers had breached the company's computer network and leaked huge amounts of confidential information including the private emails and close to 100 terabyte of data prior to the release of the film The Interview, which was a parody of North Korea's supreme leader Kim Jong-un.
Similarly, the Syrian Electronic Army, a hacking group that supports the regime of President Bashar al-Assad, claimed responsibility for several cyber attacks in the past including those on the Twitter accounts of news outlets such as Onion, Associated Press, NPR, CBS, the Guardian and the BBC.
Social media in particular has been marred by such hacks in the recent past. Similar messages have been sent by Facebook and Google to users warning them of state sponsored actors attempting to steal their private information. A Google warning sent out in June 2012 read: "You might ask how we know this activity is state-sponsored. We can't go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis — as well as victim reports — strongly suggest the involvement of states or groups that are state-sponsored."
Facebook also posted a public message in October saying: "We will be informing users that they will be notified at any point in the future if the site believes their account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts."
In 2013, NSA contractor and whistle-blower Edward Snowden had claimed that a covert programme called PRISM gave the NSA and FBI back-door access to major tech companies like Apple, Google, Facebook and Microsoft users' personal data. The companies denied having any knowledge in this regard and Google had issued a statement saying: "From time to time, people allege that we have created a government 'backdoor' into our systems, but Google does not have a 'backdoor' for the government to access private user data."