Millions Of Twitter Passwords Leaked Online

You might want to update your information now.

10/06/2016 12:25 AM AEST | Updated 10/06/2016 12:25 AM AEST
Fabrizio Bensch / Reuters
"Tens of millions" of Twitter accounts may be compromised, LeakedSource reported Wednesday.

If you've ever used Twitter, now might be a good time to change your passwords.

"Tens of millions" of Twitter credentials are being traded on the dark web, data research group Leaked Source reported Wednesday

The group says it's obtained a data set containing 32,888,300 Twitter records, each of which "may contain an email address, a username, sometimes a second email and a visible password."

It appears that hackers obtained this information using malware designed to gather username and password details from web browsers. That means Twitter itself wasn't hacked.

"We are confident that these usernames and credentials were not obtained by a Twitter data breach -- our systems have not been breached," a spokesman for Twitter told The Huffington Post via emailed statement. "In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks."

Twitter security officer Michael Coates said the social network takes precautions to keep users safe.

Still, you should check Leaked Source's database to make sure you're not one of millions of people whose information is exposed. If you are, you should immediately change your Twitter password. And if you use the same password on multiple sites, change those, too.

You could also enable login verification on Twitter as an additional security step. This will text a unique code to your phone when you log into Twitter, thereby preventing hackers from worming their way in.

It's important to use strong, unique passwords on every site. Leaked Source revealed the top five most common passwords in its Twitter dataset. They don't impress: "123456," "123456789," "qwerty," "password" and "1234567." With such weak sauce codes, a hacker wouldn't even need malware to bust into your account -- just a lucky guess.


Also on HuffPost
Twitter PR Fails

More On This Topic