Twitter on Thursday urged its 336 million users to change their passwords after it discovered that it had mistakenly stored them internally prior to fortifying them through a security technique, leaving the passwords vulnerable to hackers.
The microblogging company said there is no evidence that password have been leaked, but advised users to change their passwords to be safe.
“We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone,” the company tweeted.
“As a precaution, consider changing your password on all services where you’ve used this password.”
Parag Agrawal, Twitter’s chief technology officer, wrote in a blog post that users should also consider changing their passwords on other services if the passwords they used there were the same as on Twitter.
The company also disclosed the password flaw in a regulatory filing on Thursday, indicating that the bug was serious enough to warrant more formal disclosure than a corporate blog post.
CEO Jack Dorsey followed Agrawal’s post by tweeting that company has “no indication of breach or misuse.” He added that the company warned users because “it’s important for us to be open about this internal defect.”
You can change your password by visiting Twitter’s password reset page.
The company also suggested widely recommended security tips, like turning on two-factor authentication, choosing unique passwords for every service, and using a password manager app to store them all.
No comments:
Post a Comment