Twitter has locked down millions of accounts after verifying their login and password details were leaked on the dark web. Earlier this week, LeakedSource revealed that data of 32 million Twitter accounts had been leaked. The website even created a searchable database where users could check whether their accounts were affected or not. Also Read - Twitter Bug Bounty Contest to offer $3500 cash prize for detecting algorithm biasAlso Read - COVID-19 third wave: Twitter shuts offices as coronavirus cases rise
This data set contains 32,888,300 records. Each record may contain an email address, a username, sometimes a second email and a visible password. We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords, LeakedSource had claimed. Also Read - Twitter Voice Tweets rolling out for iOS: What are they, how to send
Twitter, on its part, maintains the breach did not happen via their servers. The purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both. Regardless of origin, we re acting swiftly to protect your Twitter account, the company stated in a blog post.
Interestingly, Twitter also admitted that it has found several accounts with direct exposure and needed extra protection. It further says that these accounts have been locked and need a password reset by the account owner. Though there s no information on how many such accounts were locked, but Twitter told the Wall Street Journal that “millions” of accounts have been sent notifications.
Twitter has also suggested a few measures to keep users accounts safe. The company is asking users to enable two-step verification, use a strong password that is not same for other websites, and use password manager such as 1Password or Lastpass to ensure unique passwords for different services.
These have been some tense few days for Twitter, which has seen accounts of some high profile users getting hacked. Earlier this week, Facebook CEO Mark Zuckerberg’s Twitter account was hacked, but that was because he used the same username and password for LinkedIn, which was hacked earlier. Katy Perry, who is the most followed person on Twitter, also had her account hacked recently. But what would have come across as a major embarrassment when Twitter co-founder Evan Williams’ account was hacked.