Twitter urges all users to change passwords after glitch

Twitter urges all users to change
passwords after glitch

Reu

Twitter Inc urged its more than 330 million
users to change their passwords after a glitch
caused some to be stored in readable text on
its internal computer system rather than
disguised by a process known as "hashing".
The social network disclosed the issue in a
blog post and series of Tweets on Thursday
afternoon, saying it had resolved the problem
and an internal investigation had found no
indication passwords were stolen or misused
by insiders. Still, it urged all users to consider
changing their passwords.
"We fixed the bug and have no indication of a
breach or misuse by anyone," Chief Executive
Jack Dorsey said in a Tweet. "As a precaution,
consider changing your password on all
services where you’ve used this password."
The blog did not say how many passwords
were affected. A person familiar with the
company's response said the number was
"substantial" and that they were exposed for
"several months."
The disclosure comes as lawmakers and
regulators around the world scrutinise the way
that companies store and secure consumer
data, after a string of security incidents at
Equifax Inc, Facebook Inc and Uber
Technologies Inc.
The European Union is due later this month to
start enforcing a strict new privacy law, the
General Data Protection Regulation, that
includes steep fees for violators.
Twitter discovered the bug a few weeks ago
and has reported it to some regulators, said
the person, who was not authorized to discuss
the matter publicly.
The US Federal Trade Commission, which
investigates companies accused of deceptive
practices related to data security, declined
comment on the password glitch.
The agency settled with Twitter in 2010 over
accusations the site had “serious lapses” in
data security that let hackers access private
user data on two occasions. The settlement
called for audits of Twitter's data security
program every other year for 10 years.
The glitch was related to Twitter's use of
"hashing" and caused passwords to be written
on an internal computer log before the
scrambling process was completed, the blog
said.
"We are very sorry this happened," the Twitter
blog said.
Twitter's share price was down 1 percent in
extended trade at $30.35, after gaining 0.4
percent during the session.
The company advised users to take
precautions to ensure that their accounts are
safe, including changing passwords and
enabling Twitter's two-factor authentication
service to help prevent accounts from being
hijacked.
source : bdnews24