Some 330 million users urged to change passwords after apparent bug left data in plain site.
In a series of tweets and a blog Twitter announced that due to a software glitch, millions of Twitter users passwords had been stored in plain text files without any encryption. The good news so far at least, is that there’s no evidence that data has been stolen or that an outside source has breached security.
The issue, discovered a few weeks ago has been investigated by Twitter itself, and so far there there are no grounds or evidence to suspect or speculate that there has been any misuse or theft of the unencrypted passwords.
Millions of Twitter users passwords had been stored in plain text files without any encryption
Abundance of caution
The company is however, recommending that users change their Twitter passwords out of an “abundance of caution”. The advice to change passwords also includes all third-party apps that link to Twitter including Twitterrific and TweetDeck.
“We fixed the bug and have no indication of a breach or misuse by anyone”, Chief Executive Jack Dorsey said in a Tweet. “As a precaution, consider changing your password on all services where you’ve used this password.”.
Scrutiny
The disclosure comes as lawmakers and regulators around the world scrutinize the way that companies store and secure consumer data, after a string of security incidents at Equifax Inc, Facebook Inc and Uber Technologies Inc.
Spate of incidents
Despite those assurances from the Twitter CEO, the news couldn’t have come at a worse time for the company, and it becomes just the latest in a recent (if unrelated) spate of security incidents and scandals in other companies such as Equifax, Facebook, and Uber.
Twitter have also urged its users to take precautions to ensure that their accounts are safe, including changing passwords and enabling Twitter’s two-factor authentication service to help prevent accounts from being hijacked.
SOURCE TECHBEAT