Few days back an article was published on techworm.in, where a hacker named “Mauritania Attacker” leaked claimed to leak thousands of twitter accounts, the data was made available for public to use and was uploaded on zippyshare.com. The data contained the twitterid, twitternick, oauthtoken nand oauth_token_secret.
Well, if the attacker keeps compromising database of the third party applications and getting the hold of the oauth tokens, then their is not much that twitter can do, Since they can protect their database from being breached, however they certainly have no hold of the third party application database.
Twitter users are advised to revoke access to all the third party application and reauthorize them, therefore the access tokens would be expired and the attacker would not be able to use them. Twitter users should only use trusted third party applications and when they are not using any of them, they should revoke the access so that the access token would be expired.
Facebook, has also known issues with their oauth in past, Security reseachers have pointed multiple flaws and all of them relied upon stealing of the oauth tokens, The issue with twitter in this case is a bit different, the access tokens were compromised due to a third party app, whereas in facebook oauth tokens could have been compromised due to a flaw inside it’s design.
Twitter has denied the claims made by an attacker that any part of the twitter’s database was compromised, which seems true to me. The Mauritania Attacker has posted a status on his facebook that he will reveal exactly how the access tokens were compromised today to techworm.