Has Twitter been hacked?

Has Twitter been hacked?

Hacks have been in the news a lot lately, with Tumblr and MySpace being part of a huge breach, and over 100 million people's passwords were hacked from LinkedIn.

The latest 'mega breach' could involve Twitter, with a reported 32 million credentials appearing online.

LeakedSource obtained and uploaded a copy of the data to their own databases, and say that each of the 32,888,300 compromised records includes email addresses, a username, and even a second email and clear-text password.

At the time of writing, Twitter are still saying that there's no breach.

A Twitter spokesperson told TechCrunch said: "We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we've been working to help keep accounts protected by checking our data against what's been shared from recent other password leak."

It looks like this breach isn't from Twitter themselves, but rather, users how have had browsers infected with malware.

Most users found in the list appear to be from Russia, which is great news if you don't live in Russia.

"Passwords were stolen directly from consumers, therefore they are in plaintext with no encryption or hashing. Remember that Twitter probably doesn't store the passwords in plaintext, Chrome and Firefox did," said LeakedSource.

"The join dates of some users with uncrackable (yet plaintext) passwords were recent. There is no way that Twitter stores passwords in plaintext in 2014 for example. The top email domains don't match up to a full database leak, more likely the malware was spread to Russians."

As ever, some of the passwords in this list were dreadful. Things like '123456', and 'password', were found in hundreds of thousands of accounts.

No wonder Microsoft are going to ban the worst passwords. If you have an easy to guess password, please sort it out. If not, you deserve to get hacked, really.

What do you think?

Your comment