Twitter says no accounts breached after LulzSec posts passwords

LulzSec Reborn, a hacker group, has claimed to have obtained the credentials of 10,000 Twitter accounts after hacking a third-party app, but according to Twitter, all the accounts have remained secure.

The group of hackers, which is based off the hacker group LulzSec that arose last summer, posted a note on PasteBin over the weekend saying it had posted the passowords and other credentials of Twitter accounts by hacking an app called TweetGif.

LulzSec Reborn, which has remained quiet since hacking in March, posted a user table from the app. The table includes users' Twitter handles, passwords, actual names, locations, bios, avatars, the tokens they enter to activate the app and their last tweet as well, according to PCMag.

But although the hackers posted the information and it remains online, Twitter says no security breaches have occurred, attributing the security to TweetGif's use of OAuth, which is a way to connect users' accounts to Twitter.

A company spokesman said all Twitter account passwords remain secure and that Twitter's systems were not breached.

Twitter could not speak on how TweetGif was hacked, and a "Contact" link for the app, which has only a few followers on Twitter, was not working when I tried clicking it Tuesday.

LulzSec has been out of commission since the latter half of last summer after going after some big targets. LulzSec hacked sites belonging to the FBI, CIA, Sony and PBS beginning last May.

The connection between the original group and Reborn isn't clear beyond the name, and since 2011 the way LulzSec functions has changed.

When the group began, there were only a handful of hackers involved. Nowadays, one hacker said, LulzSec Reborn has become a big group, and "nobody really knows whats … going on anymore."

By Salvador Rodriguez