If Your Twitter Account Is Locked, It’s Just Twitter Saving You From a Data Breach
No "my account was hacked!" excuses now.
Yesterday, we picked up a story about a leak of Twitter account credentials because, well, we care about all of you and don’t want anyone to get their account hacked (except you, Steve*). It turns out Twitter cares, too (sometimes), and after looking into the situation, they’ve stepped in to protect users who may have had their account details compromised.
According to LeakedSource, the Twitter data set being passed around the “dark web” contained over 32 million records, with some sporting multiple email addresses for a given username in addition to a visible password. For their part, Twitter has now confirmed that they don’t believe the information came from a breach of their systems, instead placing the blame on password-mining malware on users’ computers.
The company’s blog post on the data dump also mentions that they identified specifically which user accounts had their passwords exposed, and those users should have already gotten emails notifying them that their account has been locked as a safety precaution until their password is changed. Still, they had a few cybersecurity recommendations for everyone out there: enable two-factor authentication, use not only a strong password but one you don’t use on other sites, and consider password management software to help you out, for which they offered a few suggestions.
Personally, I recommend making your email account password unique at the very least, because what good is an account lock and password change notification from Twitter if the person who stole your Twitter account can just sign into your email and intercept it? Keeping your email cordoned off might at least help you minimize the damage if someone snags your information. It’s comforting to see Twitter take the issue so seriously and take action before anything too bad seemed to happen as a result—now if we could only see that same conviction when addressing other Twitter issues …
(via PC Mag, image via Twitter)
*We do not actually have, nor have we ever had, a staff-wide vendetta against someone named Steve. This name was chosen at random for (questionably) comedic effect, and we absolutely do not play ding dong ditch or leave flaming bags of poop on his or her doorstep. That would be immature. Like Steve.
—The Mary Sue has a strict comment policy that forbids, but is not limited to, personal insults toward anyone, hate speech, and trolling.—