Twitter Warns 330 Million Users Of A Password Vulnerability
If anyone logged on to Twitter late last night, must have been greeted with a “Keeping Your Account Secure” notice. It is fair to say that not everyone went ahead and read the whole thing. However, what the popup window informs users about is quite damning. It essentially says that the passwords of all 330 million Twitter users were exposed in plain text. This happened due to a bug that the company claims to have fixed now.
Twitter claims that its investigation showed that there was no evidence that any breach of the unmasked passwords occurred. However, out of an “abundance of caution,” it has adviced all users to change their passwords.
Must Read: WhatsApp C-Founder Leaves Facebook
According to the company, the bug occurred because of an issue in the hashing process of storing passwords. The hashing process replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system. In this way, it can validate a user’s account credentials without revealing their password.
We are sharing this information to help people make an informed decision about their account security. We didn’t have to, but believe it’s the right thing to do. https://t.co/yVKOqnlITA
— Parag Agrawal (@paraga) May 3, 2018
While the company has explained what the issue was, it hasn’t revealed how many users’ passwords may have potentially been compromised. We don’t even know how long the bug exposed the passwords and how long the company took to fix it. However, urging its entire userbase to change their passwords indicates to a significant user number.
We advise all users to change their passwords irrespective of Twitter’s claims that no compromise occurred.