Twitter: A few hacked accounts, many reset passwords

Twitter sent out a large number of emails on Thursday warning users that their accounts might have been compromised. A few accounts were hacked, but it's not a large-scale assault. Twitter says it accidentally reset a large number of passwords for users who weren't under attack.


If you’re among those who received an email from Twitter asking you to reset your password -- don’t worry, your account (probably) wasn’t hacked. This is just what it looks like when Twitter accidentally loops way too many people into a routine security procedure.

Since Twitter is such a big platform, at any given time there are a few accounts that might have been compromised. When Twitter sees activity that indicates an account has been hacked, it automatically resets that account’s password to lock out intruders and sends the user a warning email about what’s going on. Twitter reminded everyone on Thursday that the procedure is “a routine part of our processes to protect our users.”

But the company accidentally cast the net way too wide, resetting the passwords of many accounts and sending out emails to all those users warning them of suspicious activity. There definitely were some attacks on accounts Thursday morning -- Natasha Lomas at TechCrunch describes how the website's handle was hacked, for example -- but Twitter isn’t being besieged by hackers. Twitter spokeswoman Carolyn Penner told Reuters that there had not been a security breach.

In a statement about the event, Twitter admitted that it had “unintentionally reset passwords of a larger number of accounts, beyond those that [it] believed to have been compromised.”

We don’t know what triggered the resets, or how many people were asked to change their passwords -- although a quick scan of Twitter itself suggests that the email went out pretty widely.

With that said, it’s probably not a bad idea to change your Twitter password, just in case.

Twitter provided a link to do so in the email it sent to users -- but while that email is legitimate, it’s good to get in the habit of visiting sites directly when security is a concern. (Phishing scams often send out emails that appear official, with misleading links that can send your personal information to shady sites.) And it’s always wise to avoid repeating passwords across different websites -- so if your Twitter account ever does get hacked, you won’t be stuck wondering whether the attackers were able to access your other accounts with the same password.

Did Twitter reset your account password? Tell us about it in the comments section below. And follow us on Twitter @venturenaut (we had to reset our password, but don’t worry; everything’s fine).
