Home
Tech

Twitter urges 336 million users to change passwords after bug discovered

Newsletter sign up Newsletter

(Image credit: Bethany Clarke/Getty Images)

published 4 May 2018

Twitter has urged all of its 336 million users to update their passwords after the company discovered that some had been exposed in plain text on an internal server.

TSB IT crisis: bank chief Paul Pester steps down with £1.7m payout Facebook launching dating service to rival Tinder

The social media site’s co-founder, Jack Dorsey, said in a tweet that as a result of a software bug, the passwords had been “written to an internal log” prior to the “hashing” process, which masks login details with a series of random letters and numbers before they are stored.

He added that the bug had been “fixed”, and that an internal investigation had found “no indication of breach or misuse” of the exposed data.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Nevertheless, Twitter users are also being urged to activate two-factor authentication, “to help stop accounts being hacked”, BBC News reports.

The security feature prompts users to enter a code, sent to them either via a text message or through a third-party app, after they have correctly inputed their password.

Although Dorsey didn’t reveal how many passwords had been exposed, a company insider told Reuters that the number was “substantial” and that they had been stored as text files for “several months”.

The source said Twitter had discovered the glitch “a few weeks ago” and reported it to “some regulators”, according to the news site.

Meanwhile, Twitter’s chief technology officer, Parag Agrawal, provoked anger among users by tweeting that the company “didn’t have to” share information about the data bug, adding that it was simply “the right thing to do”.

Agrawal later apologised for suggesting that the company could have covered up the issue, insisting that he had “felt strongly” that the information should be shared.

Explore More

Twitter In Brief

Sign up for Today's Best Articles in your inbox

A free daily email with the biggest news stories of the day – and the best features from TheWeek.com

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

The Week Staff

Social Links Navigation

Latest

Will Donald Trump wreck the Brexit deal?
Today's Big Question President-elect's victory could help UK's reset with the EU, but a free-trade agreement with the US to dodge his threatened tariffs could hinder it

By Harriet Marsden, The Week UK Published 14 November 24
Marine Le Pen's fake jobs trial
The Explainer The far-right French leader could face a fine, jail time, and a five-year ban from public office if found guilty of embezzlement

By Abby Wilson Published 14 November 24
How to earn extra cash for Christmas
The Explainer The holiday season can be expensive but there are ways to bolster your festive finances

By Marc Shoffman, The Week UK Published 14 November 24