Usernames and passwords of Twitter members using file-sharing application TweetGif have been leaked to the internet by a group of hackers claiming to have risen from the ashes of disbanded hacker group LulzSec.
“LulzSec Reborn” spilled around 10,000 personal details of TweetGif users - including real names and locations.
TweetGif allows users to share and post animated gif images, using their Twitter log in.
The group was unusually quiet in its password dump compared to its predecessor, simply posting an announcement on file-sharing site Pastebin directing users to download the .SQL file containing the user data.
The so-called LulzSec Reborn first appeared in March claiming to be a reformed version of the disbanded LulzSec collective - a group which fell apart after the FBI arrested core members thanks to the group’s leader ‘Sabu’ (real name Hector Xavier Monsegur) turning informant on his compatriots.
Just after its debut, the group targeted military dating site MilitarySingles.com, dumping what it claimed to be the email details of 171,000 members of the US military.
The original LulzSec instigated a six-week campaign of online terror last year targeting large corporations, governments and law enforcement agencies including the likes of Sony, the CIA, the US Senate, and the FBI.
A spokesperson for Twitter said TweetGif’s use of authorisation protocol OAuth meant none of its user passwords were exposed.
"We can confirm that all Twitter account passwords have remained secure, and no breach of our systems has occurred in connection with the events experienced by TweetGif. Regarding how TweetGif was compromised, we can't speak on their behalf,” in said in a statement to the Huffington Post.
Copyright © CRN Australia. All rights reserved.
Issue: 335 | January/February 2015
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.