According to a mail twitter sent out they're the second victim in a recent spree of log-related password exposing bugs, however compared to Github, this affected all 330 million users.

In the email Twitter states:

When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.

Even though they claim that the bug haven't been misused it's better to be safe than sorry and change your password everywhere you have used it.

Source

 

[FAST6191]

"We recently identified a bug that stored passwords unmasked in an internal log."

That is not a little bug/oversight. I don't imagine for a moment that every line of their pass hashing and salting code was not gone over 50 times by multiple groups. For this to happen in spite of that... were I in their security teams right now I would almost hope it was malice that put it there.

 

[Zhongtiao1]

I bet a couple of people are getting fired (or at least demoted) now.

 

[KiiWii]

Changed mine in browser, but weirdly the app on ios didnt ask for updated password.

I manually checked the password on the app and the old pass was still in there, so I updated it and reloaded the app and was logged in.

Found that very odd.

 

[DeslotlCL]

Fuck. It is the same password i use almost everywhere with my main accounts, fuck my luck i guess... had to move between sites to change every single one of them...

 

[Sakitoshi]

so that's why the app just asked about my security, I just ignored it as I always do.
I'm not worried, I'm not important enough to have something valuable for someone else and my twitter account has my previous password anyways.

 

[DarkFlare69]

Fortunately I learned my lesson before and never use the same password on more than one site. My Twitter password is 24 random characters

 

[Mr.Faq2015]

This is one of those moments when I'm glad of not having a Twitter account...
inb4 Youtube has a "bug" that exposes all of your private videos, comments and your suscriptions/suscribers (and your password of course)

Sent from my 1DS with B9S using Discord Nitro

 

[Deleted User]

This is why I don't use social media. Besides, what's the point of social media when you got GBAtemp?

 

[linuxares]

Fuck. It is the same password i use almost everywhere with my main accounts, fuck my luck i guess... had to move between sites to change every single one of them...

https://www.lastpass.com https://keepass.info - Problem solved!

 

[DeslotlCL]

https://www.lastpass.com https://keepass.info - Problem solved!

I mean, i would be giving my password to another site which i have never heard about

 

[RedoLane]

Damnit! now i'll need to change my password from "VirginBlasterXXX69" to something else!
(Don't try that. it's only a joke)

 

[linuxares]

I mean, i would be giving my password to another site which i have never heard about

You need to seriously learn about password managers asap. Keepass is local and Lastpass is online.

 

[DeslotlCL]

You need to seriously learn about password managers asap. Keepass is local and Lastpass is online.

Need i? Im kinda paranoid with this kind stuff so i would prefer to save them on a notepad

 

[linuxares]

Need i? Im kinda paranoid with this kind stuff so i would prefer to save them on a notepad

Oh boy... Notepads are really insecure

 

[filfat]

Oh boy... Notepads are really insecure

I mean if hes talking about a real life notepad, I could kinda see the argument.. provided it’s stored in safe or similar. I seriously doubt that he is though.

 

[sarkwalvein]

How can so much incompetence...
I guess it costs too much money to hire people who know what they're doing.

 

[gnmmarechal]

Need i? Im kinda paranoid with this kind stuff so i would prefer to save them on a notepad

Uh.... That is *not* safer than keepass

 

[WiiUBricker]

No need to hack my twitter or any social medias. I’ll give them out for free if someone wants

 

[APartOfMe]

I mean, i would be giving my password to another site which i have never heard about

LastPass is amazing. It stores and can auto fill all your passwords. It can also generate random passwords. Best of all, it syncs to the cloud, so you can access your passwords on any device.