4.2 C
London
Thursday, December 3, 2020

Twitter confirms 32 million leaked passwords is real but says the breach did not come from them

Must read

Pro-democracy Hong Kong activist plans to go into exile in Britain

A Hong Kong pro-democracy activist and former politician said that he will move to Britain in exile. “I hereby announce that I will go into...

Swamped US hospitals scramble for pandemic help

Covid-stretched US hospitals are trying to lure nurses and doctors out of retirement, recruiting students and new graduates yet to earn their licenses while...

Ivanka Trump interviewed as part of inauguration fund lawsuit

Donald Trump’s daughter Ivanka has been interviewed by government lawyers alleging the president’s 2017 inauguration committee misused donor funds, a new court filing has...

Newcastle’s Premier League clash with Villa postponed over coronavirus outbreak

Newcastle’s trip to Aston Villa has been postponed after an outbreak of coronavirus at the northeast club. The Magpies, who were due to travel to...

Recently we heard that close to 32 million Twitter login details were hacked and leaked on the dark web.

Twitter has now confirmed the hack is real but says that the breach didn’t come from them and suggests malware on users’ computers could be the cause.

“We’ve investigated claims of Twitter @names and passwords available on the ‘dark web’, and we’re confident the information was not obtained from a hack of Twitter’s servers,” Michael Coates, Twitter’s security boss, wrote in a blog post.

“The purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both.

“Regardless of origin, we’re acting swiftly to protect your Twitter account.”

A blog post published by ‘Leaked Source’ – which has built a database of login data that has been leaked or stolen – revealed the Twitter credentials were being traded on the dark web for 10 bitcoins (£4,000).

It wrote in a blog post: “We have very strong evidence that Twitter was not hacked, rather the consumer was.

“These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.”

Leaked Source suggests users’ data was stolen via malware – based on the fact that many of the stolen passwords were displayed in plaintext.

Coates, who says Twitter secures account credentials using bcrypt, added: “In each of the recent password disclosures, we cross-checked the data with our records.

“As a result, a number of Twitter accounts were identified for extra protection.

“Accounts with direct password exposure were locked and require a password reset by the account owner.”

Here’s what Coates suggests you should do:

1. Enable login verification (e.g. two factor authentication). This is the single best action you can take to increase your account security.

2. Use a strong password that you don’t reuse on other websites.

3. Use a password manager such as 1Password or LastPass to make sure you’re using strong, unique passwords everywhere.

- Advertisement -

More articles

This site uses Akismet to reduce spam. Learn how your comment data is processed.

- Advertisement -

Latest article

Pro-democracy Hong Kong activist plans to go into exile in Britain

A Hong Kong pro-democracy activist and former politician said that he will move to Britain in exile. “I hereby announce that I will go into...

Swamped US hospitals scramble for pandemic help

Covid-stretched US hospitals are trying to lure nurses and doctors out of retirement, recruiting students and new graduates yet to earn their licenses while...

Ivanka Trump interviewed as part of inauguration fund lawsuit

Donald Trump’s daughter Ivanka has been interviewed by government lawyers alleging the president’s 2017 inauguration committee misused donor funds, a new court filing has...

Newcastle’s Premier League clash with Villa postponed over coronavirus outbreak

Newcastle’s trip to Aston Villa has been postponed after an outbreak of coronavirus at the northeast club. The Magpies, who were due to travel to...

UN agency removes cannabis from strictest drug category

The UN Commission on Narcotic Drugs has voted to remove cannabis and cannabis resin from a category of the world’s most dangerous drugs, which...
%d bloggers like this: