Click to Skip Ad
Closing in...

Warning: Change your Twitter password immediately

Published Jun 9th, 2016 9:14AM EDT
Twitter Hacked 2016
Image: Twitter

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Welcome to the internet age, where hackers are getting smarter every day and malware is lurking around every corner. We’ve seen a terrifying amount of big data breaches occur over the past few years, and each one seems bigger and scarier than the last. Today, however, we get a new reminder that data breaches are just one of the ways hackers get their hands on our data. Reports are flying that tens of millions of valid Twitter account credentials have been made available for sale on the dark web, though the company has denied that a breach took place.

Whatever the case, the most important takeaway is this: Change your Twitter password immediately.

DON’T MISS: Google’s Larry Page has secretly spent more than $100M to build flying cars

“Twitter credentials are being traded in the tens of millions on the dark web. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data,” LeakedSource wrote in a blog post. “This data set was provided to us by a user who goes by the alias ‘Tessa88@exploit.im’, and has given us permission to name them in this blog.”

LeakedSource is a site that collects stolen account credentials and enters them into a searchable data base, allowing users to determine whether or not they are affected when new breaches are discovered. In the case of these 32+ million Twitter accounts, it’s unclear how or when they were obtained and Twitter is saying the company definitely wasn’t hacked.

“We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” a Twitter spokesperson said to TechCrunch.

More from LeakedSource: “This data set contains 32,888,300 records. Each record may contain an email address, a username, sometimes a second email and a visible password. We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.”

So how did the hacker(s) manage to obtain all these credentials? LeakedSource speculates that a massive malware campaign is the culprit.

Zach Epstein
Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 15 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.