Over 32 million Twitter passwords have been leaked online

Twitter’s hacking woes may be just beginning. Tens of millions of Twitter passwords and login credentials have been leaked online and are reportedly for sale on the dark web.

According to Leaked Source, a website that collects and analyzes leaked data, a user by the name of Tessa88 is selling over 32 million Twitter password and email combinations. It is believed the user is asking for around 10 bitcoins, approximately C$7,323 at time of publishing, in exchange for the data.

Over the last week, a growing number of celebrities – including Drake, Kylie Jenner and the NFL – have had their Twitter accounts taken over by hackers who use the accounts to poke fun at their victims and spark rumours of celebrity deaths.

READ MORE: Drake, Kylie Jenner, now the NFL – why are celebrity Twitter accounts being hacked?

It’s unclear why or how so many accounts are being hacked, but some have speculated hackers were using information from a recently released database of passwords and user names stemming from old data breaches at LinkedIn and Myspace to hack the accounts.

However, this latest data dump does not appear to be connected to those data breaches.

Leak Source believes the passwords in this new data dump may have been obtained through malicious software that tricked users into handing over their login information.

“The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter,” read the organizations blog.

Tweet This Click to share quote on Twitter: "The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter," <a href="https://www.leakedsource.com/blog/twitter">read the organizations blog.</a>

Twitter’s chief security officer Michael Coates confirmed Thursday that the company is aware of the situation, adding, “We’re confident that our systems have not been breached.”

He also said Twitter is working with Leaked Source to obtain the stolen data.

What should you do if you are a Twitter user?

In the wake of this data dump and the recent increase in account hacking, Twitter has been actively encouraging users to increase the security on their accounts.

First, you should consider changing your Twitter password. We have compiled a list of tips to help you create a secure password here.

READ MORE: How to protect yourself from security breaches on social media sites

You may also want to turn on two-step authentication for your Twitter account. This means you will add your cellphone number to your Twitter account; once activated, you will be required to input a six-digit code sent via text message, along with your password, each time you sign in to your account.

The idea is that a potential hacker would have a much harder time accessing your account without access to your phone.

Instructions to turn on two-step authentication for Twitter are available here.