Multiple reports suggest that there has been a significant leak of login credentials for one of the most widely used social networks. Apparently login credentials of some 32 million Twitter users have been compromised and leaked online, they’re now believed to be for sale on the dark web, though Twitter maintains that the leak is not as a result of a breach of its systems.
“We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” says a spokesperson for Twitter.
The leaked data is said to contain usernames, passwords, and email addresses of 32,888,30 users. LeakedSource, a search engine for leaked login credentials, believes that these credentials have been stolen through malware infecting popular browsers like Chrome and Firefox, instead of a breach of Twitter’s systems. The bulk of the users affected by this leak appear to be from Russia.
Twitter has been checking its data against what has been shared in recent password leaks. Millions of passwords have been leaked online recently in Myspace and LinkedIn breaches, and it’s likely that users are getting caught out because they tend to use the same password everywhere on the internet, which is a very unhealthy habit.
It’s best to use different passwords for different services and to always have two-factor authentication enables on services that offer this additional security feature.