Twitter Inc urged its more than 330 million users to change their passwords after a glitch caused some to be stored in readable text on its internal computer system rather than disguised by a process known as “hashing”.
The social network disclosed the issue in a blog post and series of Tweets on Thursday afternoon, saying it had resolved the problem and an internal investigation had found no indication passwords were stolen or misused by insiders. Still, it urged all users to consider changing their passwords.
“We fixed the bug and have no indication of a breach or misuse by anyone,” Chief Executive Jack Dorsey said in a Tweet. “As a precaution, consider changing your password on all services where you’ve used this password.”
The blog did not say how many passwords were affected. A person familiar with the company’s response said the number was “substantial” and that they were exposed for “several months.”
The disclosure comes as lawmakers and regulators around the world scrutinize the way that companies store and secure consumer data, after a string of security incidents at Equifax Inc, Facebook Inc and Uber Technologies Inc.
The European Union is due later this month to start enforcing a strict new privacy law, the General Data Protection Regulation, that includes steep fees for violators.
Twitter discovered the bug a few weeks ago and has reported it to some regulators, said the person, who was not authorized to discuss the matter publicly.
The U.S. Federal Trade Commission, which investigates companies accused of deceptive practices related to data security, declined comment on the password glitch.
The agency settled with Twitter in 2010 over accusations the site had “serious lapses” in data security that let hackers access private user data on two occasions. The settlement called for audits of Twitter’s data security program every other year for 10 years.
The glitch was related to Twitter’s use of “hashing” and caused passwords to be written on an internal computer log before the scrambling process was completed, the blog said.
We are very sorry this happened,” the Twitter blog said.
Twitter’s share price was down 1 percent in extended trade at $30.35, after gaining 0.4 percent during the session.
The company advised users to take precautions to ensure that their accounts are safe, including changing passwords and enabling Twitter’s two-factor authentication service to help prevent accounts from being hijacked.
Reporting by Jim Finkle in Toronto; Additional reporting by Diane Bartz in Washington; editing by Susan Thomas and Bill Rigby
GOP ripped for refusing to remove Trump from office: ‘Folly of that failure becomes clearer by the day’
Republicans seeking to keep control of the United States Senate were harshly criticized by the St. Louis Post-Dispatch for failing to remove President Donald Trump from office during impeachment.
"For four years now, as both a candidate and president, Donald Trump has repeatedly attacked America’s voting system, falsely claiming voter fraud any time it suited his needs. In a new low, last week he threatened the federal funding of two states over their reasonable moves to facilitate mail-in voting," the newspaper noted in an editorial published online on Memorial Day. "What does it say that the head of the world’s leading democracy is so intent on undermining that democracy?"
Fox News commentator slammed for mocking Joe Biden’s decision to wear a mask
On Monday, during his observance of Memorial Day, former Vice President Joe Biden donned a face mask in accordance with CDC guidelines — a contrast with President Donald Trump, who has frequently refused to wear a mask even in some places that require them.
But Fox News senior analyst Brit Hume went out of his way to mock how Biden looked wearing it.
This might help explain why Trump doesn’t like to wear a mask in public. Biden today. pic.twitter.com/9l1gw1ljBE
— Brit Hume (@brithume) May 25, 2020
GOP Leader un-endorses Republican candidate for ‘hateful rhetoric’ on social media
On Monday, House Minority Leader Kevin McCarthy (R-CA) announced he was revoking his endorsement of Ted Howze, the Republican candidate for California's 10th Congressional District, per Politico.
“In light of Mr. Howze’s disappointing comments, Leader McCarthy has withdrawn his endorsement," said McCarthy spokesperson Drew Florio. "As the Leader has previously stated, hateful rhetoric has no place within the Republican Party."
Howze's support within the Republican Party leadership has collapsed after a series of racist Facebook posts were unconvered, in which he called Black voters "political slaves," compared young immigrants to pedophiles, and said Muslims are incapable of being good American citizens.