BREAKING NEWS Possible murder-suicide in Rochester Full Story

Twitter says all 336 million users should change their passwords

Twitter has recommended its 336 million users change their passwords.The com...

Posted: May 4, 2018 7:54 AM
Updated: May 4, 2018 7:54 AM

Twitter has recommended its 336 million users change their passwords.

The company announced on Thursday it discovered a bug that saved user passwords unprotected on an internal log.

Twitter said it has since fixed the issue. Although the company said there is no evidence passwords have been leaked or misused, it is urging its users to update their passwords.

"As a precaution, consider changing your password on all services where you've used this password," the company tweeted.

Related: Your Instagram posts help Facebook crack down on terrorists

The company protects user passwords via a process called hashing, which shows random characters in place of the actual passwords. But the detected bug stored the passwords in their original plain-text form to an "internal log."

Twitter did not specify how many passwords were stored there.

The company declined to comment on when the bug was discovered, how long it had been storing passwords in this manner and how many passwords were affected. But it reiterated to CNN "this is not a breach."

Twitter is prompting users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page.

The company also suggests widely recommended security tips, like turning on two-factor authentication, choosing unique passwords for every service, and using a password manager app to store them all.

CEO Jack Dorsey said in a tweet the company believed it was important to "be open about this internal defect."

Meanwhile, Twitter CTO Parag Agrawal tweeted an apology for the issue.

"We are sharing this information to help people make an informed decision about their account security. We didn't have to, but believe it's the right thing to do," he said.

After receiving criticism for saying Twitter didn't have to go public with the breach, Argawal followed up with another apology.

"I should not have said we didn't have to share. I have felt strongly that we should. My mistake," he said.

Article Comments

Mason City
Overcast
70° wxIcon
Hi: 86° Lo: 70°
Feels Like: 70°
Albert Lea
Broken Clouds
70° wxIcon
Hi: 87° Lo: 70°
Feels Like: 70°
Austin
Broken Clouds
70° wxIcon
Hi: 90° Lo: 70°
Feels Like: 70°
Charles City
Overcast
66° wxIcon
Hi: 85° Lo: 68°
Feels Like: 66°
Rochester
Scattered Clouds
70° wxIcon
Hi: 84° Lo: 64°
Feels Like: 70°
Tracking Heat and Isolated Storm Chances
KIMT Radar
KIMT Eye in the sky

Latest Video

Image

Central Springs advances to state for fifth consecutive time

Image

Cyclist recognized for cleanup effort

Image

Iowa State Parks get AED's thanks to donations, grants

Image

Zumbro Education District needs new building

Image

New referendum survey at Triton School District

Image

Sex Trafficking Resource Closes in Rochester

Image

Rochester City Budget Planning

Image

Swimming advisory lifted on Rochester Beach

Image

Moon Landing Celebration

Image

President Stands By Tweets

Community Events