#Twitter Changes Passwords of Hacked Accounts, Emails 250,000 Users

Late Friday afternoon, Twitter began notifying account holders that their account security had been compromised and their passwords had been changed.  In an article posted to the official Twitter blog, Bob Lord, Director of Information Security, said that unusual access patterns led to a discovery of a live attack in progress.  That attack was shut down immediately, but further investigation into the breach discovered hackers had already accessed sensitive user data.


The usernames, email addresses, session tokens and encrypted/salted versions of passwords for approximately 250,000 users had been accessed before Twitter could restore security.

According to Lord:

As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from us at the address associated with your Twitter account notifying you that you will need to create a new password. Your old password will not work when you try to log in to Twitter.

Although 250,000 accounts represent a small percentage of Twitter users, Lord further cautioned all devotees of the 140 character micro-blogging site to practice good “password hygiene.”

Make sure you use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols – that you are not using for any other accounts or sites. Using the same password for multiple online accounts significantly increases your odds of being compromised.

This is excellent advice not only for your Twitter account, but for EVERYTHING you log into online.  In addition to the password protocols above, it is wise to change passwords on a regular basis.  This will help further protect your personal data.

I still get spam Direct Messages (DMs) from Twitter users that have been hacked.  Neglecting your social media accounts and letting them go dormant for too long is an open invitation to hackers.  Keep them current.  Take responsibility for your personal online security and take a few moments to update those passwords.

Michelle Stinson Ross

Michelle Stinson Ross

Content & Outreach Goddess at AuthorityLabs
Michelle Stinson Ross is a digital marketing industry recognized authority on the outreach power of social media. She has worked as a community manager and consultant for several brands to increase brand awareness, raise the visibility of special promotions, and train their teams to use the social space to connect with media influencers and the public. Michelle is part of the marketing team at AuthorityLabs and co-hosts #SocialChat, a Twitter based live chat that covers a variety of topics geared toward social media marketing (Mondays at 9 p.m. ET). Her passion for social media marketing has made her a regular conference speaker at events like ClickZ Live, and Search Marketing Expo. She has also been a featured guest on Webmaster Radio and several industry Hangouts on Air.
Michelle Stinson Ross
Michelle Stinson Ross