"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," says Bob Lord, director of information security at Twitter
in a blog post. "For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users."
Lord says Twitter is sending an email to affected users with your Twitter account name. You will need to create a new password and your old password will not work when you try to log in to Twitter.
"We encourage all users to take this opportunity to ensure that they are following good password hygiene, on Twitter and elsewhere on the Internet," says Lord. "Make sure you use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols – that you are not using for any other accounts or sites. Using the same password for multiple online accounts significantly increases your odds of being compromised."
The Twitter hack comes on the heels of high profile attacks on The New York Times and Wall Street Journal, which came to light earlier this week. Those hacks are believed to be the work of the Chinese government.
Advisors should view these high-profile hacks as an opportunity, a chance to address security issues that they may not be addressing currently.
You are in charge of Personal Identifiable Information about your clients and must guard that data carefully. If you are not using strong passwords, that's a great place to start. Use a password manager. Find out if your cloud vendors are using scanning services--like McAfee Secure, eTrust, and others--to scan for security holes as well as third-party intrusion prevention services to plug holes. Make sure your antivirus and malware detection systems are up to date.