Although millions of Twitter handles and passwords were popping up for sale, Twitter had not suffered a breach.Twitter secures potentially vulnerable accounts by monitoring location, device used and login history for unusual behavior.
Twitter moved relatively quickly to secure its users’ accounts, the social media platform forcing all users whose information was leaked to reset their passwords.
Michael Coates, Twitter trust and information security officer, said the purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both.
He added that Twitter has been examining the stolen data from other sites and cross-checking it with Twitter’s own records to determine which accounts may be vulnerable and securing them with extra protection, including forced password resets.
Twitter recommends two-factor authentication, a strong and unique password, and a password manager to keep the account secure.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now