Twitter said it is not a hack of Twitter's servers but identified some of its accounts as requiring extra protection, locking them and requiring a password reset. It indicated that purported passwords may have come from breaches of other sites.
Twitter notified the users that their accounts are at risk of being taken over, reported the Wall Street Journal on Thursday. Despite the lack of information about the number of users effected but it is said that the total is in the millions.
“In each of the recent password disclosures, we cross-checked the data with our records. As a result, a number of Twitter accounts were identified for extra protection. Accounts with direct password exposure were locked and require a password reset by the account owner,” Twitter’s Trust & Information Security Officer, Michael Coates said.
LeakedSource said it has very strong evidence that Twitter wasn’t hacked, rather the consumer was. Both Mr. Coates and LeakedSource pointed to formatting techniques suggesting the database may have been assembled by capturing information from previously hacked computers.
Twitter recommends two-factor authentication, a strong and unique password, and a password manager to keep the account secure. Last weekend, Mark Zuckerberg's Twitter account was briefly hacked, the infiltrators gaining access using the same password the Facebook CEO used for his LinkedIn account.