Twitter hacked, 250,000 passwords compromised

Twitter hacked, 250,000 passwords compromised

Twitter has informed users that their service had been hacked and that 250,000 usernames, email addresses, session tokens, and encrypted/salted passwords had been compromised. According to Twitter's director of information security, Bob Lord, who posted on blog.twitter.com:

As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from us at the address associated with your Twitter account notifying you that you will need to create a new password. Your old password will not work when you try to log in to Twitter.

To date, I haven't received a notification for any of my accounts, but I've changed them all anyway. I'm paranoid, but I'd recommend you do the same, and use a password management app so you can set something strong and not have to worry about remembering it yourself.

If you were notified by Twitter about your password, let me know.

Source: blog.twitter.com

Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, The TV Show, Vector, ZEN & TECH, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts

 

-
loading...
-
loading...
-
loading...
-
loading...

← Previously

Evasi0n jailbreak nearing completion, still appears on course for Super Bowl Sunday release

Next up →

How to follow along with the Super Bowl on iPhone and iPad

There are 10 comments. Add yours.

gods84 says:

haven't been notified yet. will be switching passwords right meow..

Premium1 says:

Changed my password just in case. No email here either

t66 says:

Got the mail. Looks like only twitteraccounts from the early days were affected. Accounts created in 2006/2007. Like mine.

andsoitgoes says:

Ah, that makes sense why I got the message, and no one else I know did. I remember working at ebay, June of 2007 is when I signed up.

Is it silly that even though I'm in the top .62% of people who signed up, that Im endlessly frustrated that I'm in the 6 millions? =\

But anyway, yes. Old timers were affected. That's a-me :)

Also, am I the only one who was frustrated by the stock twitter email that was sent out, implying that we got spoofed:

In general, be sure to:

Always check that your browser's address bar is on a https://twitter.com website before entering your password. Phishing sites often look just like Twitter, so check the URL before entering your login information!

Avoid using websites or services that promise to get you lots of followers. These sites have been known to send spam updates and damage user accounts.

Review your approved connections on your Applications page at https://twitter.com/settings/applications. If you see any applications that you don't recognize, click the Revoke Access button.

ItsMeFil says:

I didn't get any email, but I changed my password just in case.

IDCuffs says:

This is a fantastic article for those interested in identity safety on the Internet and social
media!

https://idcuffs.com/blog/tweet-tweet-your-twitter-account-is-hacked-and-...

bkDJ says:

The headline says passwords compromised, the article says the passwords were encrypted and salted and that affected accounts had their passwords reset. Wasn't it on this site that I read, not long ago, a rant about click baiting headlines with ledes that are less sensational? :/

SockRolid says:

There are probably way more than 250,000 accounts with "twitter," "mytwitter," "twitter000," "twitter001," etc. as their passwords. That's where the real "hacking" will happen.

colemaneuclid says:

Either that or having "password" or "password123."

rdstryr says:

Wasn't notified but change my PW anyways just to be safe