Twitter took its desktop Twitter client, TweetDeck, offline today following what is reported to be a massive security breach.
We’ve temporarily taken TweetDeck services down to assess today’s earlier security issue. We’ll update when services are back up.
— TweetDeck (@TweetDeck) June 11, 2014
When news first broke, TweetDeck recommended that all users remove access to their accounts immediately. Then TweetDeck went a step further to protect its users when major accounts started spreading malicious code by completely shutting the service down.
There have been multiple reports so far of malicious code emanating from a few major accounts, including politicians and major news outlets.
The vulnerability allows attackers to place computer code in a tweet. Once the tweet appears inside Tweetdeck, the code can run actions and be re-tweeted to other accounts, further spreading the problem.
TechCrunch reports that the problem, known as an XSS vulnerability, has been fixed. At the time of this writing, TweetDeck has just turned itself back on:
We’ve verified our security fix and have turned TweetDeck services back on for all users. Sorry for any inconvenience.
— TweetDeck (@TweetDeck) June 11, 2014
The extent of the damage remains to be seen, but we will keep readers updated as this story develops.