Change your Twitter passwords

Stefan Mileschin · 6th May 2018, 06:01

Once more into the breach

Twitter urged its more than 330 million users to change their passwords after a glitch caused some to be stored in readable text on its internal computer system rather than disguised by a process known as “hashing”.

The social network disclosed the issue in a blog post and series of Tweets, saying it had resolved the problem and an internal investigation had found no indication passwords were stolen or misused by insiders. Still, it urged all users to consider changing their passwords.

Head Twit Jack Dorsey said: “We fixed the bug and have no indication of a breach or misuse by anyone,” said in a Tweet. “As a precaution, consider changing your password on all services where you’ve used this password.”

The blog did not say how many passwords were affected. A person familiar with the company’s response said the number was “substantial” and that they were exposed for “several months”.

The disclosure comes as lawmakers and regulators around the world scrutinize the way that companies store and secure consumer data, after a string of security incidents at Equifax, Facebook and Uber. While in the US, the big tech companies will probably only be slapped with a wet bus ticket, the fines are more likely to be higher in civilised countries where corporations do not own politicians.

The European Union is due later this month to start enforcing a strict new privacy law, the General Data Protection Regulation, that includes steep fees for violators.

Twitter discovered the bug a few weeks ago and has reported it to some regulators, said the person, who was not authorized to discuss the matter publicly.

The US Federal Trade Commission, which investigates companies accused of deceptive practices related to data security, declined comment on the password glitch.

The agency settled with Twitter in 2010 over accusations the site had “serious lapses” in data security that let hackers access private user data on two occasions. The settlement called for audits of Twitter’s data security program every other year for 10 years.

The glitch was related to Twitter’s use of “hashing” and caused passwords to be written on an internal computer log before the scrambling process was completed, the blog said.
https://fudzilla.com/news/46217-chan...tter-passwords

6th May 2018, 06:01	#1
Stefan Mileschin [M] Reviewer Join Date: May 2010 Location: Romania Posts: 148,462	Change your Twitter passwords Once more into the breach Twitter urged its more than 330 million users to change their passwords after a glitch caused some to be stored in readable text on its internal computer system rather than disguised by a process known as “hashing”. The social network disclosed the issue in a blog post and series of Tweets, saying it had resolved the problem and an internal investigation had found no indication passwords were stolen or misused by insiders. Still, it urged all users to consider changing their passwords. Head Twit Jack Dorsey said: “We fixed the bug and have no indication of a breach or misuse by anyone,” said in a Tweet. “As a precaution, consider changing your password on all services where you’ve used this password.” The blog did not say how many passwords were affected. A person familiar with the company’s response said the number was “substantial” and that they were exposed for “several months”. The disclosure comes as lawmakers and regulators around the world scrutinize the way that companies store and secure consumer data, after a string of security incidents at Equifax, Facebook and Uber. While in the US, the big tech companies will probably only be slapped with a wet bus ticket, the fines are more likely to be higher in civilised countries where corporations do not own politicians. The European Union is due later this month to start enforcing a strict new privacy law, the General Data Protection Regulation, that includes steep fees for violators. Twitter discovered the bug a few weeks ago and has reported it to some regulators, said the person, who was not authorized to discuss the matter publicly. The US Federal Trade Commission, which investigates companies accused of deceptive practices related to data security, declined comment on the password glitch. The agency settled with Twitter in 2010 over accusations the site had “serious lapses” in data security that let hackers access private user data on two occasions. The settlement called for audits of Twitter’s data security program every other year for 10 years. The glitch was related to Twitter’s use of “hashing” and caused passwords to be written on an internal computer log before the scrambling process was completed, the blog said. https://fudzilla.com/news/46217-chan...tter-passwords

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Twitter warns all users to change passwords following internal bug	Stefan Mileschin	WebNews	0	6th May 2018 05:54
Changing passwords is bad for security	Stefan Mileschin	WebNews	0	5th August 2016 15:34
Twitter locks 'millions' of accounts with exposed passwords	Stefan Mileschin	WebNews	0	14th June 2016 13:03
Some big websites might require you to change passwords	Stefan Mileschin	WebNews	0	9th June 2016 06:35
Too many people still use terrible passwords	Stefan Mileschin	WebNews	0	21st January 2016 10:04
The year of change for 'Destiny' starts next weekThe year of change for 'Destiny' sta	Stefan Mileschin	WebNews	0	7th September 2015 14:21
Hackers nick Facebook, Google, Twitter, Yahoo passwords	Stefan Mileschin	WebNews	0	6th December 2013 06:39
Twitter for iOS 4.3 gets early teases from Twitter itself and the App Store	Stefan Mileschin	WebNews	0	10th July 2012 06:26
Gates: End to passwords in sight	Sidney	WebNews	0	15th February 2006 03:12