32 mn Twitter passwords leaked

09 Jun 2016

In what is likely to be a major leak for a while now, 32 million Twitter accounts might have been compromised.

TechCrunch reported the incident citing LeakedSource, a website which lets users download such data and even allows  users to remove their names from the listing for free.

LeakedSource reported in a blog post that it received a copy of the leaked data from a user called ''Tessa88@exploit.im,''. The same person also hacked data from VK, a Russian social networking website, only a week ago (See: Hacker steals 171 mn user accounts of Russian social network VK.com). The data as of now was likely being traded on the dark web, so it would now be a good time for users to change their Twitter password, according to commentators.

According to the same source about 32,888,300 records that contained email addresses, usernames and passwords had been leaked.

The latest development in the matter is that LeakedSource was contacted by Twitter and had stated that the situation was under control.

The hack had rendered the credentials of 32,888,300 Twitter accounts containing email addresses, usernames, and passwords vulnerable.

According to LeakedSource's blog, the user credentials were collected by malware infecting browsers like Firefox or Chrome and many of the users appeared to be in Russia because six of the top 10 email domains in the database acquired by LeakedSource were in Russian including mail.ru and yandex.ru.

The hacked data once again revealed that the most predictive passwords were still being used by a large number of users including '123456' which appeared in the database 120,417 times and 'password' appeared 17,471 times.

Twitter has not yet commented on the mega breach.