Twitter locks 'millions' of accounts with exposed passwords
While the passwords didn't leak from Twitter's servers, extra protection is still in order.
While Twitter maintains that its servers have not been hacked, the company now says it has "cross-checked" the account data noted by LeakedSource and is taking pre-emptive measures. Particularly notable in light of hacks that have recently affected accounts from Katy Perry to Mark Zuckerberg to the NFL, the social network said it has identified a number of accounts for extra protection. No matter where the information came from, whether via malware or shared passwords revealed in hacks of other services, any accounts with "direct password exposure" have been locked (similar to pre-emptive moves Netflix and others are using when they see account details floating around), and emails were sent to the owner prompting for a password reset.
In light of recent events, learn more about account security on Twitter and what we're doing to keep yours safe. https://t.co/Hug5cLr6r8
— Twitter (@twitter) June 10, 2016
There's no word on exactly how many accounts in the database checked out, but Twitter told the Wall Street Journal that "millions" of accounts have been notified. If your account is vulnerable then you should've already been notified; so if your inbox is empty and you can still sign in then you don't have anything (more than usual) to worry about. Still, it's always a good time to reset your password just in case, use unique passwords on every account (a password manager like 1Password or LastPass can be helpful) and enable two-factor authentication wherever available.