Twitter on Wednesday denied that its systems were breached by hackers, despite the discovery of 32 million passwords found for sale on the dark web.
The news comes after a series of massive security breaches targeting other social media sites such as LinkedIn, Tumblr and MySpace, all of which had databases that contained a combined total of 360 million user credentials leaked online.
However, while these sites admitted they were victims of a cyber attack, Twitter has stressed its systems “have not been breached”.
“We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” a Twitter spokesperson told TechCrunch.
The passwords for 32 million Twitter accounts, which has reportedly been seen by LeakedSource, a website that collates leaked data so that those users can find out if they have been affected, said the passwords are listed as plain text, which means they had not been encrypted and were most likely stolen from users having their computers infected with malware, and not from Twitter itself being hacked.
LeakedSource also said that 32,888,300 leaked records contain email addresses, usernames and passwords and that many of the records seem to be from users based in Russia or from those with a mail.ru email account.
The company also said that somewhat predictably, some of the most common passwords used were “123456”, “password” and “qwerty”.
Twitter’s security has said it is working with LeakedSource to try and help protect any users affected by the data leak.
This latest security breach comes just days after Facebook CEO Mark Zuckerberg was himself the victim of hacking, after hackers were able to gain access to some of his social media accounts.
If you have a Twitter account, it is advisable to change your password immediately.