Twitter Accidentally Resets Passwords, Delays in Telling Account Holders
Many Twitter users’ account passwords were reset due to a potential security issue caused by a “web site or service not associated to Twitter,” according to Re/code.
Letters notifying users of the reset were not sent immediately, leaving many users locked out of their accounts.
“Twitter believes that your account may have been compromised by a website or service not associated with Twitter,” the notification said. “We’ve reset your password to prevent accessing your account.”
A Twitter spokesman later revealed that the issue was triggered by a system error:
“We unintentionally sent some password reset notices tonight due to a system error,” a Twitter spokesman said. “We apologize to the affected users for the inconvenience.”
The number of affected users seem to be far less than 1 per cent of Twitter’s user base.
A year ago, Twitter encountered a real security issue, losing usernames, email addresses, and encrypted and salted passwords for close to 250,000 people. All compromised user accounts had their passwords reset and received email notification letters for password reset procedures.