Company says it has fixed the internal glitch and has seen ‘no indication of breach or misuse’ but recommends precautionary steps

This article is more than 2 years old

This article is more than 2 years old

Twitter has urged its 336 million users to change their passwords after the company discovered a bug that stored passwords in plain text in an internal system.



The company said it had fixed the problem and had seen “no indication of breach or misuse”, but it suggested users consider changing their password on Twitter and on all services where they have used the same password “as a precaution”.

“We are very sorry this happened,” said Twitter’s chief technology officer, Parag Agrawal, in a blogpost. “We recognise and appreciate the trust you place in us, and are committed to earning that trust every day.”

Twitter Support (@TwitterSupport) We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ

Companies with good security practices typically store user passwords in a form that cannot be read. In Twitter’s case, passwords are masked through a process called hashing, which replaces the actual password with a random set of numbers and letters that are stored in the company’s system.

The Guardian view on privacy online: a human right | Editorial Read more

“This allows our systems to validate your account credentials without revealing your password,” said Agrawal. “This is an industry standard.”

“Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.”

Agrawal advises people to change their passwords, enable two-factor authentication on their Twitter account and use a password manager to create strong, unique passwords on every service they use.