Kyle LeBoeuf

If you read this blog at all, then there’s a real good chance that you don’t live under a rock; but just in case, you should know that there were a series of high-profile security breaches on various high-profile web properties between this weekend and Tuesday.

Beginning on Friday, many users fell prey to a phishing scam on Twitter designed to automatically gain access to accounts. It took quite sometime for Twitter to gain control of the situation. Shortly afterward, a hacker had managed to give access to 33 high-profile Twitter accounts to various people, who immediately began posting various remarks and comments under the Twitter user’s name, including President-Elect Barack Obama, celebrity artist Britney Spears, and Digg Founder Kevin Rose. The Twitter support team got around to this trick much quicker, shutting down the hole used to gain access and restoring the accounts to their proper owners.

The last high-profile attack occurred yesterday on Macrumors, a popular site that aggregates and comments on rumors related to the mysterious corporate practices and developments of Apple, Inc. While live-blogging the Macworld 2009 keynote address by Apple exec Phil Schiller, hackers gained access the admin interface used by Macrumor’s writing team by exploiting the mistakes made by the team in securing the interface. Once they were in the system, the hackers began spamming the feed with vulgar remarks and explicit images. The site was taken down before the conclusion of the keynote.

Now that we understand what happened, we can discuss it. Personally, I think this demonstrates to everyone that even the major sites and services can be attacked or taken down. A large portion of internet users out there are completely oblivious to the dangers that are present even for the major, high-profile sites.

Let this be a lesson to bloggers and web developers everywhere. Make sure that you secure your stuff! Use secure passwords. Let’s not be idiots here.

Kyle