Twitter’s TweetDeck resumes after breach

Published Jun 12, 2014

Share

San Francisco - Twitter said its TweetDeck tool for organising and tracking tweets has resumed operation after experiencing a security issue.

The service had earlier been taken down following a breach, the San Francisco-based microblogging company said in a post on its @TweetDeck Twitter account.

An earlier tweet said the company had fixed the issue and Twitter later added that it had verified the security bug had been resolved.

Twitter didn’t describe the vulnerability and didn’t immediately respond to a request for further comment.

Numerous companies have been hit by technology security issues recently.

Restaurant chain PF Chang’s China Bistro said yesterday it was investigating whether it was the target of a data breach.

Hackers previously wreaked havoc with Target and Neiman Marcus, exposing the credit-card data of tens of millions of customers.

In March, Sally Beauty, a seller of hair and beauty products, said data from customers’ payment cards had been illegally accessed and may have been stolen.

TweetDeck, one of the biggest Twitter client programs, which lets people use the microblogging service via another program, was bought by Twitter in May 2011 for about $20 million.

The vulnerability in TweetDeck appeared to be a cross-site scripting bug, or XSS, a common computer programming error that lets hackers inject commands into Web pages and force them to do things they normally wouldn’t, according to security experts.

In this case, the most obvious damage was mischief makers exploiting the security hole to post pop-up messages to users’ screens.

Cross-site scripting vulnerabilities can range from serious weaknesses that expose sensitive information to minor flaws that result in harmless annoyances to users.

Hackers exposed a similar vulnerability on Twitter in 2010.

In that instance, the bug was also used to show harmless pop-up messages on users’ screens. - Bloomberg News

Related Topics: