Twitter Denies Major Password Breach

Twitter may have become the latest social network to fall victim to a major security breach after millions of user details were reportedly posted online.

An information dump relating to over 32 million accounts, including email addresses, usernames and passwords in plain text, was uploaded by breach notification website LeakedSource overnight.

However Twitter says that no breach took place, and user accounts remain safe.

Confident

“We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached,” an official Twitter statement said. “In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leak.”

In spite of this denial, LeakedSource maintains that the data is legitimate, especially due to the plain text passwords, and has contacted 15 affected users on the list to verify their information, all of whom said it was correct.

The site’s analysis also suggests that the user credentials were collected through malware which had infected browsers including Firefox or Chrome, rather than being stolen directly from Twitter. The breach also appears to have largely targeted Russian users, as six of the top 10 email domains represented in the database come from the country.

LeakedSource has now added the information to its search engine, which will allow affected users to remove leaked information for free.

If true, the breach will mark Twitter as the latest big-name victim of social media hack.

Recently, LinkedIn was forced to invalidate the passwords of over 100 million user accounts after a hacker allegedly put the details up for sale online.

The breach even affected Facebook CEO Mark Zuckerberg, who apparently used the same login information for his LinkedIn account as several other social media pages, allowing hackers to gain access to his Pinterest and Twitter accounts.

Are you a security guru? Try our quiz!