Twitter is urging its 330 million users to change their passwords after discovering an internal bug in the system.
The bug – which has since been fixed — stored passwords unencrypted in an internal log, according to a blog post from Twitter Chief Technology Officer Parag Agrawal.
Usually, passwords are stored using hashing, a process “that masks it so no one at the company can see it,” Agarawal explained, but this bug stored the passwords verbatim in the company’s logs.
Hashing is commonly used for password storing and verification.
Though the company hasn’t seen evidence that the passwords were misused or accessed improperly, Agrawal still says that “out of an abundance of caution,” users should still change your password.
The company is also working on plans to “to prevent this bug from happening again.”
-
![]()
Hackers can exploit built-in speakers of smartphones and devices -
![]()
100,000 Bell customers affected by hack -
![]()
North Korean hackers focusing their attention on Bitcoin: report -
![]()
FBI failed to warn U.S. targets as Russian hackers targeted emails -
![]()
Uber reveals it was the victim of a hack -
![]()
Uber comes clean on hack affecting 57 million users -
![]()
Is Canada vulnerable to major election hacking?
It wasn’t immediately known when the bug was discovered, or how many passwords were affected.
Users should change their Twitter password, as well as any password to other online accounts that is the same, or similar to their Twitter password.
Agrawal also suggested using a strong password that isn’t used on any other site, and enabling two-factor verification for log ins.
Comments