Yes, it’s that time again — password changing time. On Thursday, Twitter revealed that a bug caused the platform to store user passwords in unmasked form. Normally, sensitive personal data like passwords would be stored in hashed form using a mix of letters and numbers to protect the content of the password itself. In this instance, it sounds like plain text passwords were stored openly without any hashing on Twitter’s internal logs.
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Twitter Support (@TwitterSupport) May 3, 2018
— The Verge (@verge) May 3, 2018