The Twitter accounts of 250,000 users were compromised last week by what the micro-blogging company has described as "extremely sophisticated" hackers.
In a blog post on Friday, Twitter’s director for information security Bob Lord said the company detected "unusual activity" that led to it discovering unauthorised attempts to access user data.
Twitter’s investigation found that the hackers may have accessed user information, including usernames, email addresses, sessions tokens used for logging into the website and encrypted versions of passwords of around 250,000 users.
"This attack was not the work of amateurs, and we do not believe it was an isolated incident," Lord’s post said. "The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked."
While Lord did not reveal how Twitter’s security systems were breached, he repeated advice from the US Department of Homeland Security (DHS) by encouraging users to disable Oracle’s Java software in computer browsers.
In his blog post, Lord referred to recent ecurity breaches suffered by the Wall Street Journal and New York Times, which have been linked to Chinese sources. However, he did not speculate as the source of the Twitter attack.
Internet security specialist Graham Cluley told the BBC that the security breach may lead to "phishing", and that users should be cautious about opening any emails that appear to be from Twitter.