30 Sep 2010
Twitter: Site update to blame for spam vulnerability
Twitter blamed an update to its website for re-opening a vulnerability that recently allowed cyber criminals to spread spam. The micro-blogging site said it had patched the hole a month ago, but the site revamp exposed the weakness again.
Spam quickly spread throughout the social networking site, infecting as many as 500,000 users according to an internet security company's estimate. That's a rate of 100 per second.
Twitter said the vulnerability was quickly patched, and that users need not fear a greater security risk.
"There is no need to change passwords because user account information was not compromised through this exploit," the company posted on its blog.
But the vulnerability was unrelated to the New Twitter, a complete site re-design the company rolled out this month. Page displays and the organization of information were all changed in a massive overhaul. Twitter insists the latest vulnerability was exposed in a separate update.