Twitter logo is displayed on a screen of a mobile device. (Photo : Bethany Clarke/Getty Images)
News of hacking incidents among social media and millions of users' account credentials being sold online have been making rounds in recent weeks. On Wednesday, 32 million accounts of Twitter users have reportedly been breached, a case that Twitter is confident didn't happen. Nonetheless, it is the time that users utilize Twitter's two-factor authentication feature.
Hacked data aggregation site LeakedSource said that Tessa88@exploit.im sent them a copy of Twitter information containing 32,888,300 records, which include a combination of emails, usernames and passwords, TechCrunch reported. In a statement via Twitter, the social media's trust and information security officer Michael Coates said, "We have investigated reports of Twitter usernames/passwords on the dark web, and we're confident that our systems have not been breached."
We have investigated reports of Twitter usernames/passwords on the dark web, and we're confident that our systems have not been breached.
— Michael Coates ஃ (@_mwc) June 9, 2016
LeakedSource believes that the leaked information were not stolen directly from Twitter, but might have been taken via malware released on browsers such as Chrome and Firefox. Jake Williams, founder of the cyber security consultancy Rendition InfoSec, does not quite agree, per Wired. Williams said that given the blank password fields in some of the data, it could be the result of poor password management where users use the same password across their social media accounts.
Another set of Twitter users credentials were put up in the black market by the same hacker that sold MySpace and LinkedIn information on the dark web. Peach put up about 71 million Twitter user data, 360 million MySpace accounts, and 117 LinkedIn emails and passwords.
If you are one of the many users who tend to use or recycle the same passwords in your several social media accounts, now is the time to ensure your protection. In Twitter, you can register your mobile number, after which you will receive a confirmation code that will verify that it is really your account. Also check the "Verify login requests" setup so that every time someone tries to login to your account from different devices, you will first receive a code via your phone.
Reset your passwords once in a while and if you tend to be forgetful, use a password manager. It is also recommended that you create a strong password, preferably at least 16 characters at least, with a combination of letters, symbols and numbers, as the video below suggested.
