TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Leaked Twitter passwords stir up wave of anxiety
Change text size
Gift Premium Articles
to Anyone
Share the best of The Jakarta Post with friends, family, or colleagues. As a subscriber, you can gift 3 to 5 articles each month that anyone can read—no subscription needed!
Based on its data, LeakedSource believes that the user credentials were collected by malware-infected browsers like Chrome or Firefox and not stolen directly from Twitter. (Shutterstock.com/GongTo/-)
T
hirty-two million Twitter users are at risk of being hacked, with their login details currently being sold in darkweb marketplaces for 10 Bitcon (about US$5,800). Twitter, however, claimed to have not experienced a security breach in their databases.
“We are confident that these usernames and credentials were not obtained by a Twitter data breach — our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” a Twitter spokesperson reportedly said.
According to LeakedSource, a site with a search engine for leaked login credentials, it received a copy of user information from Tessa88@exploit.im, which is the same alias used by the hacker of the Russian social network VK last week. Based on its data, LeakedSource believes that the user credentials were collected by malware-infected browsers like Chrome or Firefox and not stolen directly from Twitter.
Despite this, millions of the social network's users have been affected; hackers have been accessing accounts of high-profile individuals, including celebrity Kylie Jenner’s Twitter and Facebook CEO Mark Zuckerberg’s Twitter and Pinterest. It was revealed that Zuckerberg has been reusing a very simple “dadada” as his password across most social media accounts.
(Read also: Zuckerberg hacking serves as reminder to change passwords)
Fortunately, the repercussions of Zuckerberg’s account takeover were not severe at all. The hacker team that signed its mark on Zuckerberg’s page, known by the name of “OurMine Team”, said that it was “just testing” his security. Kylie Jenner similarly addressed the matter very calmly, responding in an Instagram video: “So my Twitter was hacked […] I don’t really care. I’m just letting them have fun.”
These hackers are theorized to be breaking into accounts by trying out every old password they have in their possession with the hope that some accounts — like Zuckerberg’s — reuse them. Alex Holden, chief information security officer with Hold Security LLC, a company that investigates data breaches, said, “You have hundreds of millions of keys and you can try them on any major collection of locks you can find.” (sab/kes)
