Twitter has warned over a quarter of a million users that their passwords and email addresses might have been stolen in a cyber-attack.
Earlier this week, Twitter warned that it had detected, and stopped, attempts to gain access to its user data, claiming it shut down one attack moments after it was detected.
The micro-blogging giant stated that the attack was “not the work of amateurs” nor was it “an isolated incident”.
As such, Twitter has reportedly told all the affected users to reset their passwords to stop further risk. However, security experts have warned that this might not be sufficient as people frequently use the same password and email address combination across multiple accounts, including banking.
Bob Lord, Twitter's director of security, said of the attacks: "We encourage all users to take this opportunity to ensure that they are following good password hygiene, on Twitter and elsewhere on the internet.
"Make sure you use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols."
"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked.
"For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the internet safer for all users."
Ashkan Soltani, an independent privacy and security researcher, told the Telegraph that such a move would give attackers "a toehold" in Twitter's internal network, potentially allowing them either to sniff out user information as it travelled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.