A cache of 32 million stolen Twitter account credentials was discovered after it was put up for sale on the dark web. Twitter has assured users that its systems weren’t breached, adding that it is working to secure the compromised accounts.
LeakedSource, a search engine for leaked login credentials, revealed that it had obtained a copy of some of the Twitter credential data being sold by a malicious hacker on the dark web. In a blog post, it identified the source of the data as the username “[email protected]”. The same alias was used by the individual who recently revealed breached data from the Russian social network VK.
The cache, LeakedSource says, contains 32,888,300 records of usernames, passwords and email addresses.
LeakedSource added that it had “strong evidence that Twitter was not hacked, rather the consumer was.” The site pointed to millions of users infected by malware that saved usernames and passwords from browsers like Chrome and Firefox, relaying the credentials back to hackers.
“These credentials, however, are real and valid. Out of 15 users we asked, all 15 verified their passwords,” LeakedSource stated.
For its part, Twitter also offered the same claim. Trust and information security officer Michael Coates stated in a blog post:
We’ve investigated claims of Twitter @names and passwords available on the “dark web,” and we’re confident the information was not obtained from a hack of Twitter’s servers.
The purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both. Regardless of origin, we’re acting swiftly to protect your Twitter account.
Some of the most common passwords used in the combed database make for depressing reading. Predictably, the most common Twitter password is “123456”, followed by the imaginative “123456789”. “qwerty” and “password” round out the top of the list of the most commonly used passwords among the 32 million Twitter accounts.
In a move to secure the compromised accounts, Twitter has forced all affected users to reset their passwords, effective immediately.