Twitter had a bug!
If you use Twitter you may want to heed the warning and change your password immediately! The company announced last week that its more than 330 million users’ information was revealed in plain text instead of put through a process called ‘hashing’ according to the BBC.
According to the article, a bug caused the system to reveal and store passwords on an internal log instead of completing the ‘hashing’ process. Hashing is the process by which passwords are masked using a function called bcrypt, which replaces your actual password with a set of numbers and letters stored in Twitter’s system.
The company posted on its blog that the social network conducted an internal investigation to make sure that user passwords were not stolen. The investigation found that no passwords were stolen, however,
the company did encourage users to change password out of “an abundance of caution.”
“When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.”
The social network also explained how users can keep their information safe in the blog post statement about the incident.
The company goes on to state that they discovered the bug themselves and are taking steps to ensure that an incident like this doesn’t happen again.
Jack Dorsey, chief executive of Twitter, tweeted on May 3 that the ‘bug’ had been fixed.
Independent security experts cited in the BBC article praised Twitter and Jack Dorsey for their transparency in letting the public know about the bug shortly after discovering it.
Change Your Password!
Twitter reiterated that it doesn’t believe anyone misused information during the glitch, it does encourage users to change all passwords on all accounts. Here’s what you need to do to ensure your information is protected:
- Change your password on Twitter and on any other service where you may have used the same password.
- Use a strong password that you don’t use on other websites.
- Enable login verification, a two-step authentication. The best way according to the company to protect your information.
- Use a password manager that ensures you’re using strong passwords across platforms.
The Twitter glitch comes on the heels of the revelation last week that the company sold user data to Cambridge Analytica the UK company accused of using social media data to sway the 2016 U.S. presidential election by using psychologically based ads and stories on social media.
The social networks have come under fire for allowing the company to gain access to users’ data. Cambridge Analytica accessed data of friends of people who installed the Facebook app and participated in a personality quiz. After capturing the ‘friends of friends’ data, it was used to target political messages based on user psychological profiles. Cambridge Analytica maintains the data was used only for academic research conducted by Dr. Aleksandr Kogan the professor who developed the personality quiz according to The Verge.
Adding fuel to the fire, it was revealed earlier last week that Twitter sold user data to Professor Kogan at Cambridge Analytica, but the details of how extreme or involved Twitter was with the company are still forthcoming according to Bloomberg. Cambridge Analytica and its parent company SCL Group are now being investigated by the British government according to USA Today.
Late Wednesday, Cambridge Analytica announced that it was filing for bankruptcy in the United States because of the investigation and because “media coverage of the company’s practices had driven away all business.”
An article by the American Marketing Association states that marketing experts agree that Cambridge Analytica has put the social networks into a ‘crisis of trust’ situation which has caused users to leave the platforms.
Bham Now encourages everyone to take the appropriate steps to protect their online personal information by changing passwords across all social media platforms now and often.