Twitter: we weren’t hacked
Twitter said the @names and passwords available on the “dark web” were not obtained from a hack of Twitter’s servers.
“Over the past days and weeks we’ve responded to several issues, including reports of leaked Twitter @names and passwords,” said Twitter.
The purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both.
“In each of the recent password disclosures, we cross-checked the data with our records. As a result, a number of Twitter accounts were identified for extra protection.”
Twitter accounts with direct password exposure were locked, and require a password reset by the account owner.
More on Twitter
R234,000 for a Twitter remote code execution vulnerability
Twitter testing Periscope live broadcast button