Twitter advises users to change their passwords

Hackers this week claimed to have compromised the accounts of 55,000 Twitter users, publishing their usernames and passwords online using the Pastebin web service.

A Twitter investigation poured cold water on the claims, suggesting that up to 20,000 were duplicates and that many were spam accounts which had already been suspended by Twitter.

It does appear though that a proportion of the accounts were legitimate, and Twitter has advised concerned users to change their passwords. It's not yet known how the accounts were compromised; one possible method is that details of legitimate accounts were phished from users using fake Twitter pages.

What to do

Twitter have sent out password resets to accounts affected by this incident, so if you haven't had an email you should be unaffected. However, if you are concerned that your Twitter details may have been compromised or you've noticed strange activity on your account, you should visit the official Twitter website as soon as possible, log in, and change your password. If you use that password on other websites, you should change the password on those too.

If you are unable to log into your Twitter account you should visit Twitter's compromised accounts page for assistance.

Further Reading

• Protect yourself against phishing scams
• Twitter's Compromised Accounts' Help Page
• Twitter Guidelines and Best Practices