Twitter resets passwords after phishing attack

Unknown number of users whose accounts may have been compromised offsite get new passwords, company announces.

Twitter

Twitter reset passwords for an unknown number of users on Tuesday whose accounts appeared to have been compromised via phishing.

"As part of Twitter's ongoing security efforts, we reset passwords for a small number of accounts that we believe may have been compromised offsite," the company said in a statement.

Some Twitter users apparently "used their Twitter username and password to sign up for an untrusted third-party application which then posted Tweets to their account," a spokeswoman said.

"While we're still investigating and ensuring that the appropriate parties are notified, we do believe that the steps we've taken should ensure user safety," the statement said. "We'll continue to provide updates as warranted at @safety and @spam."

Users who want information on what to do if their accounts have been compromised can visit this page and learn how to use Twitter safely here.

Update 12:05 p.m. PST: In response to a reader e-mail suggesting that there may have been a breach at Twitter, Del Harvey, trust and safety director at Twitter, said there was no data breach at the company.

"We've noticed a high correlation of users with accounts on third-party Torrent sites and users' accounts that we believe are compromised. It's possible that this person falls into this category. It's not a result of a data breach on Twitter."

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

Saving your life at speed and in style

Volvo have been responsible for some of the greatest advancements in car safety. We list off the top ways they've kept you safe today, even if you don't drive one.