Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Twitter Hurt by Security Flaw After Site Is Attacked

Twitter Affected by Security Issue, Users Report
Twitter Inc.’s main website is affected by a security flaw, the site’s subscribers reported. Photographer: Chris Ratcliffe/Bloomberg

Twitter Inc.’s website was impaired by a security flaw that caused people to unwillingly resend messages posted by other users and directed them to third-party sites, including ones that feature pornography.

Twitter subscribers described the flaw in posts on the site, and it affected the account of White House press secretary Robert Gibbs. San Francisco-based Twitter said in postings that it identified an attack and “fully patched” it.

The flaw affected subscribers when they moved their mouse over infected short messages, or tweets, causing an embedded code to execute and creating messages that directed people to third-party sites, said Graham Cluley, a consultant at Sophos Plc, an Abingdon, England-based computer-security firm. It stemmed from a vulnerability that lets people post scripts -- a type of software code -- into tweets, he said.

“From time to time, I have no doubt that there will be those that want to gum up the system and things like that,” Gibbs said at his regular White House briefing today. “I don’t hesitate to continue to use it.”

Cluley said the vulnerability spread widely among Twitter users. “It’s a problem and it’s widespread. It’s like someone has just thrown gas over a fire,” he said. He estimated that 100,000 people or more were affected.

People who use third-party client software to access Twitter, such as TweetDeck and Seesmic, were unaffected, he said. Origins of the attack aren’t yet known, he said.

Please upgrade your Browser

Your browser is out-of-date. Please download one of these excellent browsers:

Chrome, Firefox, Safari, Opera or Internet Explorer.