Twitter blames cascading bug, rather than hackers, for yesterday's outage

News by Dan Raywood

Twitter has said that a 'cascading bug' was responsible for a service outage yesterday afternoon and not a cyber attack.

Twitter has said that a ‘cascading bug' was responsible for a service outage yesterday afternoon and not a cyber attack.

It said that the outage occurred at around 4pm BST and the issue affected all web users and some mobile clients and was due to a cascading bug in one of its infrastructure components.

“This wasn't due to a hack or, our new office, Euro 2012 or GIF avatars, as some have speculated today. A cascading bug is a bug with an effect that isn't confined to a particular software element, but rather its effect ‘cascades' into other elements as well,” it said.

“One of the characteristics of such a bug is that it can have a significant impact on all users, worldwide, which was the case today. As soon as we discovered it, we took corrective actions, which included rolling back to a previous stable version of Twitter. We are currently conducting a comprehensive review to ensure that we can avoid this chain of events in the future.”

Speaking to the Sydney Morning Herald, Michael Hicks, director of the University of Maryland cyber security centre, said that a cascaded bug "probably means a glitch that caused one server to fail in an odd way, or send an odd message, that caused a neighbouring server to fail".

Mazen Rawashdeh, Twitter vice president of engineering, said: “It's imperative that we remain available around the world, and today we stumbled. For that we offer our most sincere apologies and hope you'll be able to breathe easier now.”

The update came after hacktivist group UGNazi claimed that it took down Twitter for 40 minutes. One member of the group, known as ‘Cosmo', told Cnet that the group took Twitter down for 40 minutes worldwide with a distributed denial-of-service (DDoS) attack. This was because of Twitter's support of the Cyber Intelligence Sharing and Protection Act (CISPA), which allows the US federal government and private businesses to share information about possible cyber threats.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews