Twitter Passwords Exposed, Site Not Compromised

Thousands of Twitter passwords were exposed this week and the site is currently looking into matter.

Twitter spokesman Robert Weeks said:

“We are currently looking into the situation. In the meantime, we have pushed out password resets to accounts that may have been affected. For those who are concerned that their account may have been compromised, we suggest resetting your passwords and more in our Help Center.”

CNET reports that the passwords and email addresses of nearly 55,000 users were exposed this week. But Weeks said that the numbers make the situation seem worse than it actually is. According to Weeks, several of the passwords exposed were duplicates and several seemed to have come from SPAM accounts. Weeks also said that several of the passwords were not linked to a username. Weeks said:

“It’s worth noting that, so far, we’ve discovered that the list of alleged accounts and passwords found on Pastebin consists of more than 20,000 duplicates, many spam accounts that have already been suspended, and many log-in credentials that do not appear to be linked.”

Twitter investigated the matter further and determined that the site was not compromised. Twitter said in a statement:

“We’ve looked into this and can confirm that Twitter was not compromised. For extra precaution, yesterday, we pushed out password resets to accounts that may have been affected.”

Information Week reports that the breach may have still effected a few users. Twitter has over 140 million active users. The security breach may have effected about 0.02% of its user base.

Info Week also believes that the information was probably obtained from a phishing attack (Users being tricked into giving out their security information) which means that Twitter’s security was not compromised.