Cyber Security

Twitter advises users to change passwords after patching a bug

A bug was discovered on Twitter’s internal computer system that unintentionally exposed as user passwords were stored unmasked in an internal log.

Twitter disclosed this issue yesterday on an official blog post and in a series of Tweets form Twitter Support.


Twitter hashes passwords using a function known as bcrypt. It replaces an actual password with a random set of numbers and letters and then stored inside their computer systems. This allows the social media company to validate users’ credentials without exposing actual passwords in a way that even Twitter employees can’t see them.

When the bug was discovered, an internal investigation conducted right away and they  found no indication that this was exploited or was caused by an insider breach.

“We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again. We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.” Twitter CTO Parag Agrawal said.

With this, consider changing your Twitter password and enable 2-factor authentication just to be on the safe side.

Ira James
Ira James is an enthusiast who has his roots on PC hardware and gaming. His career as a tech journalist began after working in the PR industry for two years. He started GGWPTech to write PC hardware reviews, gaming, cyber security, and enterprise tech news. His works are also syndicated by other media publishers: Tech Sabado, and the Sunday and Business I.T. section of Manila Times.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.