It turns out, the social media company had been saving passwords without any kind of protection on an internal server.
On Thursday evening, Twitter took to, well, Twitter, to make the following statement:
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Support (@Support) May 3, 2018
On the social media platform’s official blog, they stated that they had identified a bug that stored passwords unmasked in an internal log, which essentially means that Twitter account passwords were available to be viewed by anyone who happened to have access to that log.
The company does stress that there was no indication that this log had been breached or misused in any way, and that making the news public to the platform’s users was merely out of caution.
However, they did also encourage that all Twitter users – which is currently over 330,000,000 accounts around the world – to change their account passwords, as well as enabling the two-step authentication for every account, for added security.
