Twitter locks 'millions' of accounts with leaked passwords
While Twitter maintains that its servers have not been hacked, the company now says it has "cross-checked" the account data noted by LeakedSource and is taking pre-emptive measures. Particularly notable in light of hacks that have recently affected accounts from Katy Perry to Mark Zuckerberg to the NFL, the social network said it has identified a number of accounts for extra protection. No matter where the information came from, whether via malware or shared passwords revealed in hacks of other services, any accounts with "direct password exposure" have been locked (similar to pre-emptive moves Netflix and others are using when they see account details floating around), and emails were sent to the owner prompting for a password reset.
There's no word on exactly how many accounts in the database checked out, but Twitter told the Wall Street Journal that "millions" of accounts have been notified. If your account is vulnerable then you should've already been notified; so if your inbox is empty and you can still sign in then you don't have anything (more than usual) to worry about. Still, it's always a good time to reset your password just in case, use unique passwords on every account (a password manager like 1Password or LastPass can be helpful) and enable two-factor authentication wherever available.
Facebook CEO Mark Zuckerberg, who had his Twitter and Pinterest accounts compromised on Sunday. The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts.
Source: Twitter Blog
Account security is a top priority at Twitter. Over the past days and weeks we’ve responded to several issues, including reports of leaked Twitter @names and passwords as well as potential collateral damage from the numerous breaches of other websites. I’d like to share more information about how we protect your account, and the challenges all websites face whenever another website is breached.
There's no word on exactly how many accounts in the database checked out, but Twitter told the Wall Street Journal that "millions" of accounts have been notified. If your account is vulnerable then you should've already been notified; so if your inbox is empty and you can still sign in then you don't have anything (more than usual) to worry about. Still, it's always a good time to reset your password just in case, use unique passwords on every account (a password manager like 1Password or LastPass can be helpful) and enable two-factor authentication wherever available.
In light of recent events, learn more about account security on Twitter and what we’re doing to keep yours safe. https://t.co/Hug5cLr6r8— Twitter (@twitter) June 10, 2016
Facebook CEO Mark Zuckerberg, who had his Twitter and Pinterest accounts compromised on Sunday. The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts.
Source: Twitter Blog
No comments
Post a Comment