According to the NYTimes, amongst others, the accounts of several Twitter employee's have been hacked allowing the hacker to get sensitive user information:
As we learned yesterday, a hacker who goes by the name Hacker Croll managed to access the online accounts of several Twitter employees and a Gmail account belonging to the wife of the chief executive, Evan Williams ,by guessing or cracking their passwords. Having exploited these
weak links, he apparently used Web sites’ password-retrieval features to get passwords for other accounts, including Google Apps, in a technique known as hopping. My colleagues Claire Cain Miller and Brad Stone reported that the hacker acquired confidential company information as well as employees’ personal information, including credit card numbers, and then, on Tuesday, leaked them to two blogs, including
TechCrunch.
The breach has shone a bright light on the security of confidential data that we store in increasingly popular “cloud” services like webmail accounts and Google Apps, where data can be accessed from any computer, typically with just a username and password. But with this convenience comes extra risk.
http://gadgetwise.blogs.nytimes.com/2009/0...?pagemode=print The instructor for my recent Linux+ course, a Sysadmin for Haliburton at one time, said something like 10% of his users were using their login name as their password until he put a stop to it. We're creatures of bad habits.
