Twitter, Washington Post targeted by hackers

One theory is that the Twitter hack happened after an employee's home or work computer was compromised through vulnerabilities in Java, a commonly used computing language whose weaknesses have been well publicized. Independent privacy and security researcher Ashkan Soltani said such a move would give attackers "a toehold" in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.

The relatively small number of users affected suggests that attackers weren't on the network long or that they were only able to compromise a subset of the company's servers, Soltani said.

Twitter is generally used to broadcast messages to the public, so the hack might not immediately have yielded any important secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.

That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.

"More realistically, someone could use that as an entry point into another service," Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist's emails.

AP reporters Raphael Satter in London and Didi Tang in Beijing contributed to this report.