Due to an internal bug, Twitter asks its users to change passwords as a precautionary measure

Friday May 04, 2018 , 3 min Read

Time to change your Twitter password. Why? Well, the platform wants you to, as a cautionary measure.

As a precautionary measure, Twitter has requested more than 330 million monthly active users to consider changing their password after the online news and social networking service discovered an internal bug.

In a blog post, the new CTO of Twitter Parag Agrawal shared why this is necessary and why it has happened: “When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.”

According to Parag, the error was found internally which means that he is hinting that there was no external breach, and the firm is trying to take measures to ensure that it doesn’t happen again. According to him, “Due to a bug, passwords were written to an internal log before completing the hashing process.”

The Twitter Support handle has shared the same in a tweet and cautioned all users about the internal bug.

We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Twitter Support (@TwitterSupport) May 3, 2018

With the GDPR coming into effect from May 25, Twitter has recently updated its Privacy Policy allowing users to have more control over their personal data and letting them see how the users’ public data is shared broadly and instantly, including through the developer tools. This year has also started on a high note for Twitter Inc. which, after being profitless for years, posted its first-ever profit this quarter.

Given that things have been going well, this hiccup could be a problem for Twitter. Though the company wants its user to change the passwords as a precautionary measure, there is definitely more to the bug. For as the CTO Parag writes,

“We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.”

Twitter Inc. CEO Jack Dorsey too shared the update on Twitter requesting users to change the password:

We recently discovered a bug where account passwords were being written to an internal log before completing a masking/hashing process. We’ve fixed, see no indication of breach or misuse, and believe it’s important for us to be open about this internal defect. https://t.co/BJezo7Gk00
— jack (@jack) May 3, 2018