Not from our servers: Twitter reacts to reports of user details being exposed Online

Image from Wikimedia Commons

Micro blog Twitter has just responded to the string of reports that its user accounts had been hacked.

Twitter said from its official blog that its investigations had shown no proof of the leaks happening from its servers. The post said the “purported Twitter @names & passwords” may have been amassed from combining information from other recent breaches, malware on victim machines that were stealing passwords for all Sites, or a combination of both. Regardless of origin, Twitter said it was acting swiftly to protect all Twitter accounts.

Here’s the rest of the post:

In each of the recent password disclosures, we cross-checked the data with our records. As a result, a number of Twitter accounts were identified for extra protection. Accounts with direct password exposure were locked and require a password reset by the account owner.

How we keep Twitter secure every day

We use a variety of methods to protect Twitter and your accounts on an ongoing basis. This includes the fundamentals like use of HTTPS everywhere and security for email from twitter.com. And as we’ve mentioned before, we secure account credentials using bcrypt.

We also protect access to accounts by evaluating items such as location, device being used, and login history to identify suspicious account access or behavior. In situations where your password has been directly exposed, you are sent a password reset notification; your account is protected until the owner of the email or phone number resets the password.

What should you do?

If your Twitter information was impacted by any of the recent issues – because of password disclosures from other companies or the leak on the “dark web” – then you have already received an email that your account password must be reset. Your account won’t be accessible until you do so, to ensure that unauthorized individuals don’t have access.

Here are a few steps you can take to keep your Twitter account safe:

1. Enable login verification (e.g. two factor authentication). This is the single best action you can take to increase your account security.

2. Use a strong password that you don’t reuse on other websites.

3. Use a password manager such as 1Password or LastPass to make sure you’re using strong, unique passwords everywhere.

    

•Share This•