Twitter plugged a security vulnerability in its popular TweetDeck application Wednesday, after disabling the system for over an hour earlier in the day to fix it. People logged into the service during the breach got odd pop-up messages. Their systems also randomly re-tweeted messages containing potentially malicious computer code scripts. When the site was taken down, TweetDeck tweeted, “We’ve temporarily taken TweetDeck services down to assess today’s earlier security issue. We’ll update when services are back up.”
Twitter-owned Twitter client Tweetdeck suffered a massive security breach today. At first, Tweetdeck recommended everyone remove access to their accounts immediately, but then the service completely shut itself off when major accounts started spreading malicious code through garbled updates, which caused strange pop-ups to appear on users screens. At least for me, Tweetdeck is still down, and the “forgot password” function does not work in Google Chrome’s version of Tweetdeck. I saw malicious code from a few major accounts and politicians, including California’s own Lieutenant Governor Gavin Newsom. Others reported that major news outlets had also been hacked, including The New York Times business account, @NYTimesBusiness. The problem, known as an XSS vulnerability, has reportedly been fixed, but that hasn’t returned full functionality to the site. In the meantime, it’s wreaking havoc on social media managers across the Interwebs (and the workday of this very frustrated writer).
