Twitter security alert: Have you changed your password?


Twitter issued a security alert to its 336 million users on Thursday urging them to change their passwords. This is the result of a bug that caused some of the passwords to be stored in an internal log, unprotected.

Full details have not be revealed, however, they have announced the bug has new been fixed and their investigations into the matter indicated no breach has taken place. However, they are still urging users to change their account password, via settings. The bug was allowing user passwords to be stored on an internal log, unprotected and not masked by a hashing process known as bcrypt. It seems Twitter was logging passwords in plain text.

In a tweet, CEO Jack Dorsey reassured users:

“We’ve fixed, see no indication of breach or misuse, and believe it’s important for us to be open about this internal defect.”

What remains unclear is exactly how many passwords were affected and how long this went undetected. According to Reuters, the number was “substantial” and the issue was undetected “for months”.

Today, many users are being met with a pop-up urging them to change their password.

About the Author

News content on is produced by our editorial team and complements more in-depth editorials which you’ll find as part of our weekly publication. provides a comprehensive daily reading experience, offering a wide view of the consumer technology landscape to ensure you're always in the know. Check back every weekday for more.