Twitter has sent out an information via a (obviously) tweet where it asked its users to consider changing their passwords so as to keep their accounts safe. According to the microblogging platform, there was a bug on the platform that could have made user data vulnerable to those who would want to steal such and the best way to safeguard their accounts.
For those that care about the details, Twitter acknowledged that the bug made passwords visible by writing them on an internal log file before hashing them.
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Twitter Support (@TwitterSupport) May 3, 2018
Since they protect passwords by hashing them under encryption and then storing the hashed documents on another server, it was surprising that the bug caused these passwords o be visible and recorded before the hashing was completed.
There is no need to panic since the company claimed to have discovered the big themselves before anyone else. Hopefully, that is true. That doesn’t mean you shouldn’t consider changing your password though.