Twitter apologises for resetting a larger number of passwords than intended

8 Nov 2012

Twitter has publicly apologised to its users after unintentionally resetting the passwords of a larger number of accounts beyond those believed to have been compromised by a phishing attack.

Over the last 24 hours, users have been pointing out that they’ve had problems accessing their accounts and Twitter emailed those users whose accounts may have been hacked, urging them to create new passwords for their accounts.

US tech news site TechCrunch was among the accounts understood to be compromised by the attack, which resulted in spammers briefly using its account.

However, it has since transpired that many Twitter users whose accounts weren’t actually compromised had their passwords reset and had to register a new one with the social networking site.

In a blog post on its status page today, Twitter wrote: “We’re committed to keeping Twitter a safe and open community. As part of that commitment, in instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.

“In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologise for any inconvenience or confusion this may have caused,” Twitter said.

status

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com