Twitter resets all passwords after phishing attack

Twitter reset passwords for an unknown number of users whose accounts appeared to have been compromised via phishing.

“As part of Twitter’s ongoing security efforts, we reset passwords for a small number of accounts that we believe may have been compromised offsite,” the company said in a statement.

Some Twitter users apparently “used their Twitter username and password to sign up for an untrusted third-party application which then posted Tweets to their account,” a spokeswoman said.

“While we’re still investigating and ensuring that the appropriate parties are notified, we do believe that the steps we’ve taken should ensure user safety,” the statement said. “We’ll continue to provide updates as warranted at @safety and @spam.”

Users who want information on what to do if their accounts have been compromised can visit this page and learn how to use Twitter safely here.

In response to a reader e-mail suggesting that there may have been a breach at Twitter, Del Harvey, trust and safety director at Twitter, said there was no data breach at the company.

“We’ve noticed a high correlation of users with accounts on third-party Torrent sites and users’ accounts that we believe are compromised. It’s possible that this person falls into this category. It’s not a result of a data breach on Twitter.”

Leave a Reply

You must be logged in to post a comment.