Twitter has sent out unexpected warning notices to a number of users, informing them that their account might have been targeted by state-sponsored hackers.
“We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses, and/or phone numbers,” the message says, but doesn’t specify which state might be behind the attack.
— coldhak (@coldhakca) December 11, 2015
The company also allowed that it’s possible that the users’ account might not have been an intended target of the suspected activity, but wanted to alert them just the same.
Among known recipients of the message are Coldhak, a Winnipeg-based nonprofit; Coldhak director Colin Childs; privacy and security researcher Runa Sandvik; activists and cryptoparty organizer Cassie Traun; security researcher Noris Fabio; Tech writer and programmer David Robinson; and banker and mathematics student Jens Kubieziel (also the author of a book about anonymity on the Internet).
Kubieziel started a public list on Twitter of people and organizations that have received the notices. So far, it comprises of some 30+ users, many of whom are privacy activists, current or former EFF and Tor contributors, infosec researchers, cryptography evangelists.
Various commenters pointed out that Twitter has a past of blocking user accounts that are accessed via Tor, but Twitter said those accusations are unfounded, i.e. that the blocking isn’t due to Tor use, but to other, unrelated reasons.