News

Twitter tells 330 million users to change their passwords

May 04, 2018

BBC News Service, 3 May 2018

Twitter has warned its 330 million users to change their passwords after a glitch exposed some in plain text on its internal network.

The social network said an internal investigation had found no indication passwords were stolen or misused by insiders.

However, it still urged all users to consider changing their passwords "out of an abundance of caution".

Twitter did not say how many passwords were affected.

It is understood the number was "substantial" and that they were exposed for "several months".

Twitter discovered the bug a few weeks ago and has reported it to some regulators, an insider told Reuters.

Chief executive Jack Dorsey tweeted to say the "bug" had been fixed.

The glitch was related to its use of "hashing", which masks passwords as users enter them by replacing them with numbers and letters, according to its blog.

The bug caused the passwords to be stored on an internal computer log before the hashing process was completed.

"We are very sorry this happened," Twitter said on its blog.

As well as changing passwords, users have been advised to turn on two-factor authentication service to help stop accounts being hacked.

Source: http://www.bbc.com/news/business-43995168