My Blog List

33 MILLION TWITTER ACCOUNTS HACKED





A hacker claims to be selling 33 million Twitter login credentials, including passwords. Twitter has confirmed and warned the users whose accounts may have affected. It also locked some accounts and sent a password reset request.

The leak follows a string of high profile Twitter accounts being hacked, including those belonging to Katy Perry, Drake, Mark Zuckerberg and Evan Williams. It's hard to say whether those hacks are related to this latest password  leak. But there is a possibility.


An analysis of the database by LeakedSource, a breach notification site which received the database from the seller on Wednesday, showed there are in fact over 32 million purported accounts in the database, after duplicates were removed.

Twitter's former CEO Evan Williams. File photo.
EVAN WILLIAMS : TWITTER FORMER'S CEO



LeakedSource said in a blog post that it was unlikely that Twitter was breached, and pointed to malware as the culprit.


"The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter," the blog post said.

The group said it was able to verify the passwords associated with 15 users. LeakedSource shared a portion of the database with me. Two colleagues whose email addresses were in the database were able to verify their password. A third colleague said they had not used the email address found in the database to join Twitter.

LeakedSource said that the passwords were likely "stolen directly from consumers, therefore they are in plaintext with no encryption or hashing." The groups said it did not believe that Twitter stored data in plain-text at the time the data was taken, thought to be around 2014.

"These credentials however are real and valid," said the group. "The lesson here? It's not just companies that can be hacked, users need to be careful too."

As we've seen in recent data breaches, the most common password was "123456," with the third and fourth password being "qwerty" and "password" respectively.

A Twitter spokesperson said in prepared statement: "We are confident that these usernames and credentials were not obtained by a Twitter data breach -- our systems have not been breached. In fact, we've been working to help keep accounts protected by checking our data against what's been shared from recent other password leaks."

In a recent tweet, the company also said that it periodically checks its data against recent password leaks to ensure that accounts stay secure.

Shrey Kapoor is a Tech-Enthusiast, Harvard certified Cyber Security and Cyber Forensics Expert. He Founder Techphlie.com, which is one of the India's Top Tech News Website. Even Forbes and many other renowned publishers took his articles reference. Shrey is a Technology analyst, strategic thinker and creative writer who is passionate to deliver the best, latest possible Tech-News to his followers and subscribers. He completed his masters in Artificial Intelligence & Robotics, certified in IPR, T.Q.M. & ISO 9001:2008 In Quality Management Systems.

Theme images by merrymoonmary. Powered by Blogger.