A recent internal bug found in the social networking site Twitter has exposed all the users’ passwords as plain texts, leading to Twitter forcing users to change their passwords immediately.
The bug has been found on Thursday that exposed all its 336 million users’ passwords in plain text. Twitter immediately asked its users by sending them notifications to change their passwords right away, though Twitter’s investigation on the issue did not reveal any evidence of data breach or misuse of the unmasked passwords.
Despite lack of evidence, Twitter has recommended users to change their passwords as a precaution on the site and anywhere where the same passwords have been used, reported The Verge.
Twitter copies Snapchat to woo its users
The social networking company says the cause of the bug was because of an issue in the hashing process that protects or masks passwords by replacing them with random characters that get stored on Twitter’s system. Due to an error in the system, rather than masking the passwords, they were apparently being saved in plain texts to an internal log.
As per CNN, Twitter claimed that it discovered the bug on its own and has fixed the issue and working towards making sure that such issues don’t come up again in the future. Twitter also added a warning in its mobile and desktop app asking users to change their passwords.
CEO Jack Dorsey said in a tweet that it was important to ‘be open about this internal defect’. Also, CTO Parag Agrawal tweeted an apology saying, “We are sharing this information to help people make an informed decision about their account security. We didn’t have to, but believe it’s the right thing to do.”