The Syrian Electronic Army has hacked into domain name servers belonging to Twitter, while simultaneously attacking those belonging to both the New York Times and the Huffington Post‘s U.K. site. The attacks, which happened around 5 p.m. ET yesterday, altered contact details and DNS records, which enabled the hackers to send visitors to the compromised sites to anywhere on the web they wanted.
The first anyone knew about it was when the SEA posted an image on its Twitter feed.
— SyrianElectronicArmy (@Official_SEA16) August 27, 2013
In a connected attack, the New York Times‘ website is currently down, due to an “external attack,” as the company put it–although you can get at the site here. The Times confirmed that the breach occurred, as with Twitter, via registrar firm Melbourne IT, that the hackers subjected to a phishing attack and which put out a statement confirming as much.
Despite the hackers gaining a toehold in Twitter’s DNS records, users of the 140-character blogging service shouldn’t worry about their personal information being compromised: There was no data leak, the firm said last night. Twitter is said to be testing two-step authorization in an attempt to keep hackers at bay–not that it would have made any difference, given that this breach happened courtesy of a third party.