Twitter urges password resets after being accidentally unmasked in an internal log

Earlier today, Twitter put out a tweet through its @TwitterSupport account urging users to change their account password(s) as a precautionary measure due to a bug.

The call to update the password appears to be a result of a bug, where passwords were stored "unmasked in an internal log." Twitter further clarified in the tweet that it didn't look like the information had been misused in any way and that the service has not suffered any form of breach relating to the internal log.

Upon visiting Twitter, users will now be met with a popup, which we have captured above, urging users to change their password. Upon changing the password the site will then ask users to review any applications that have been enabled on the account.

Twitter also blogged about the bug, which you can view here, the post explains in further detail what happened by adding:

"Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again."

Right now the password change is optional, but maybe it's a good time to update those old passwords, given this tiny security scare.

Source: Twitter (1) (2) via TNW

Report a problem with article
Next Article

Fluent Design and more lands on Microsoft's To-Do app update

A graphic of a digital lock with multiple wires connected to it
Previous Article

Google extends Advanced Protection Program to native Apple apps on iOS devices

30 Comments - Add comment