ritchie58 Posted May 4, 2018 Report Share Posted May 4, 2018 Twitter announced yesterday that they discovered a serious bug that saved users passwords without encryption to an internal log. Although Twitter says they have since fixed the bug and no data was hacked or misused as far as there investigation has revealed thus far. Twitter reiterated today that this bug was not a security breech by an outside source. The company uses an encryption algorithm to protect user passwords which shows random characters in place of the actual passwords (also called Hashing). But the detected & fixed bug stored the passwords in their original plain-text form to an "internal log" which could have been accessed by company personal. When asked how many user passwords may have been affected Twitter declined to answer. However some, as yet unsubstantiated, outside sources claim that the extensive log may have contained well over 350 million user's passwords worldwide.As a security precaution Twitter is strongly urging all users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page (see image). If you used the same password for any other service or web site Twitter is highly recommending you also change those passwords as an additional precaution. Although it's "never a good idea" to use the same password for different sites! I think most people know that "common sense security measure already!" Best wishes, Ritchie... P.S. - In retrospect I think it's "quite commendable" of Twitter to notify it's users of the bug even though it could have been a much simpler matter of just fixing the anomaly and sweeping it under the rug, they could have done that. I bet this was done to be as transparent as possible when it comes to it's user's privacy/security in light of the ongoing Facebook/Cambridge Analytica drama still unfolding. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.