BREAKING NEWS Police identify Austin woman, 18, who was found dead on sidewalk near her home Full Story
SEVERE WX : Wind Advisory View Alerts
STREAMING NOW: Watch Now

Twitter says all 336 million users should change their passwords

Twitter has recommended its 336 million users change their passwords.The com...

Posted: May 4, 2018 7:54 AM
Updated: May 4, 2018 7:54 AM

Twitter has recommended its 336 million users change their passwords.

The company announced on Thursday it discovered a bug that saved user passwords unprotected on an internal log.

Twitter said it has since fixed the issue. Although the company said there is no evidence passwords have been leaked or misused, it is urging its users to update their passwords.

"As a precaution, consider changing your password on all services where you've used this password," the company tweeted.

Related: Your Instagram posts help Facebook crack down on terrorists

The company protects user passwords via a process called hashing, which shows random characters in place of the actual passwords. But the detected bug stored the passwords in their original plain-text form to an "internal log."

Twitter did not specify how many passwords were stored there.

The company declined to comment on when the bug was discovered, how long it had been storing passwords in this manner and how many passwords were affected. But it reiterated to CNN "this is not a breach."

Twitter is prompting users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page.

The company also suggests widely recommended security tips, like turning on two-factor authentication, choosing unique passwords for every service, and using a password manager app to store them all.

CEO Jack Dorsey said in a tweet the company believed it was important to "be open about this internal defect."

Meanwhile, Twitter CTO Parag Agrawal tweeted an apology for the issue.

"We are sharing this information to help people make an informed decision about their account security. We didn't have to, but believe it's the right thing to do," he said.

After receiving criticism for saying Twitter didn't have to go public with the breach, Argawal followed up with another apology.

"I should not have said we didn't have to share. I have felt strongly that we should. My mistake," he said.

Article Comments

Mason City
Overcast
43° wxIcon
Hi: 48° Lo: 32°
Feels Like: 33°
Albert Lea
Overcast
39° wxIcon
Hi: 46° Lo: 31°
Feels Like: 31°
Austin
Overcast
43° wxIcon
Hi: 47° Lo: 32°
Feels Like: 33°
Charles City
Overcast
43° wxIcon
Hi: 46° Lo: 31°
Feels Like: 33°
Rochester
Overcast
39° wxIcon
Hi: 43° Lo: 30°
Feels Like: 28°
Windy Tuesday
KIMT Radar
KIMT Eye in the sky

Latest Video

Image

Restoring Fountain Lake

Image

Sara's Daybreak Forecast - 6:30a Tuesday

Image

Sara's Daybreak Forecast - Tuesday

Image

Rochester council moving forward with circulator

Image

Latest Iowa AP football rankings

Image

Mason City girls rugby

Image

Final approval for Clear Lake development

Image

Japanese co-op member in Iowa

Image

NICC volleyball writes more for the record books

Image

Nelson's PM Weather Forecast 10/21

Community Events