Twitter urges 330 million users after ‘internal glitch’

An internal “bug” left millions of Twitter passwords potentially exposed for months in a plain text file, the company revealed, as it urged hundreds of millions of users to change their passwords as a precaution.

Twitter is supposed to “hash” passwords, using a process called “bcrypt,” before they are stored internally, so the actual passwords are masked for security. A bug caused the passwords to be written down in an internal log before the hashing process was complete, Twitter’s chief technology officer Parag Agrawal wrote in a blog post on Thursday.

“We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone,” Agrawal wrote.
 RT
 4/5/18