Twitter urges all users to change passwords after glitch

In this file photo taken on February 8, 2018 the Twitter logo is displayed on a banner outside the New York Stock Exchange (NYSE) in New York City. FILE PHOTO |NMG

By  REUTERS

What you need to know:

  • The social network disclosed the issue in a blog post and series of Tweets on Thursday afternoon,
  • The disclosure comes as lawmakers and regulators around the world scrutinise the way that companies store and secure consumer data, after a string of security incidents at Equifax Inc, Facebook Inc and Uber Technologies Inc
  • The European Union is due later this month to start enforcing a strict new privacy law, the General Data Protection Regulation, that includes steep fees for violators.

Twitter Inc urged its more than 330 million users to change their passwords after a glitch caused some to be stored in readable text on its internal computer system rather than disguised by a process known as “hashing”.

The social network disclosed the issue in a blog post and series of Tweets on Thursday afternoon, saying it had resolved the problem and an internal investigation had found no indication passwords were stolen or misused by insiders. Still, it urged all users to consider changing their passwords.

“We fixed the bug and have no indication of a breach or misuse by anyone,” Chief Executive Jack Dorsey said in a Tweet. “As a precaution, consider changing your password on all services where you’ve used this password.”

The blog did not say how many passwords were affected. A person familiar with the company’s response said the number was “substantial” and that they were exposed for “several months.”

The disclosure comes as lawmakers and regulators around the world scrutinise the way that companies store and secure consumer data, after a string of security incidents at Equifax Inc, Facebook Inc and Uber Technologies Inc

READ: Twitter to ban cryptocurrency ads from Tuesday

ALSO READ: What teens want for ‘cool’ social media platforms

Privacy law

The European Union is due later this month to start enforcing a strict new privacy law, the General Data Protection Regulation, that includes steep fees for violators.

Twitter discovered the bug a few weeks ago and has reported it to some regulators, said the person, who was not authorised to discuss the matter publicly.

The US Federal Trade Commission, which investigates companies accused of deceptive practices related to data security, declined comment on the password glitch.

The agency settled with Twitter in 2010 over accusations the site had “serious lapses” in data security that let hackers access private user data on two occasions.

The settlement called for audits of Twitter’s data security program every other year for 10 years.

'Very sorry'

The glitch was related to Twitter’s use of “hashing” and caused passwords to be written on an internal computer log before the scrambling process was completed, the blog said.

“We are very sorry this happened,” the Twitter blog said.

Twitter’s share price was down 1 per cent in extended trade at $30.35, after gaining 0.4 per cent during the session.

The company advised users to take precautions to ensure that their accounts are safe, including changing passwords and enabling Twitter’s two-factor authentication service to help prevent accounts from being hijacked.

PAYE Tax Calculator

Note: The results are not exact but very close to the actual.

Get it First!

Stay up to date on the editors' picks of the week.

Latest

  1. motorcycle battery

    Roam to set up EV charging hubs at QuickMart outlets

  2. AFP_347Q3FF

    Landlords to reserve special slots for electric car chargers in new law

  3. Why two master bedrooms are the growing trend in Kenyan homes

In the headlines

View All