Newsletters
Customer Relationship Management News NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home CRM Systems Customer Service Contact Centers Business Intelligence More Topics...
Eliminate costly downtime!
Find out how with Free White Paper
& enter to win a Samsung Galaxy Note

www.apc.com
Network Security
Next Generation Data Center Is Here!
Average Rating:
Rate this article:  
Twitter
Twitter's Sort of But Not Really Password Reset

By Barry Levine
March 4, 2014 1:40PM

Bookmark and Share
The company said Monday that it "unintentionally sent some password reset notices tonight due to a system error," and it apologized "to the affected users for the inconvenience." Twitter has not said how many Twitter users were affected, or why the company believed a hacking attack had taken place but then changed its mind.
 



Twitter informed thousands of its users on Monday that it accidentally reset users' passwords, following an apparent hacking attempt. But then it turned out the hack attack had not happened and that few if any passwords were reset, so the giant social network has issued an apology.

In an e-mail to its users from password@twitter.com, the company said that it believed "your account may have been compromised by a Web site or service not associated with Twitter." As a result, Twitter said, it "reset your password to prevent accessing your account," and the user was asked to establish a new password.

But, it turned out, there was no security breach. Reportedly, some kind of issue with another site triggered the security alert. Some reports have said that no passwords were reset, although a few users have reported that theirs have been.

'System Error'

One user, @MichelleRafter, tweeted: "So yesterday my account didn't get hacked. I was in 1 percent of account @Twitter accidentally reset."

In a subsequent statement, the company said that it "unintentionally sent some password reset notices tonight due to a system error," and it apologized "to the affected users for the inconvenience." Twitter has not said how many users were affected, or why the company thought a hacking attack had taken place but then changed its mind.

The first instinct of a savvy user would be that the e-mail itself was part of a phishing attempt to trick a user into thinking that new login credentials were needed.

One user, @V3CEO, tweeted: "Beware of phishing emails just got one from password@twitter.com asking me to reset password looked realistic"

Another use, @rubinafillion, tweeted: "Did you get a scary e-mail from Twitter about your account being hacked? You can probably ignore it." This tweet contained a link to a story about the false alarm.

'Competing Log Cabins'

Another user, @gaberivera, referenced Twitter's recent installation of two vintage log cabins inside its San Francisco headquarters: "Twitter password reset snafu actually collateral damage from an internal battle between competing log cabins."

This is not the first time that Twitter has reset passwords because of a security-related issue. In November 2012, a similar incident occurred, when the company asked users to reset their logins when they attempted to sign in, because of a hack.

But on that occasion, there actually was a security breach as Twitter's own account spammed ads to users. Until it fixed the problem, the company requested that users not click on those links.

E-mails containing links to reset passwords were sent to user accounts that had been compromised, and those users were required to submit their phone number, e-mail address or Twitter handle before receiving the reset e-mail. The reset e-mail did not request the old password.

In a blog post following that incident, Twitter noted that it had erred on the side of caution. "We unintentionally reset passwords of a larger number of accounts," the post said, "beyond those that we believe to have been compromised."
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Network Security
1.   Retailers Hacked by New Malware
2.   IBM Beefs Up Identity Intelligence
3.   USB Security Flaw Uncovered
4.   Tor Internet Privacy Service Breached
5.   Canada Says China Hacked Gov't


advertisement
IBM Beefs Up Identity Intelligence
To offer biz better security products.
Average Rating:
Tor Internet Privacy Service Breached
Users should assume they're affected.
Average Rating:
Tor Working To Fix Security Exploit
Bug reportedly reveals ID of users
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Navigation
CRM Daily
Home/Top News | CRM Systems | Customer Service | Contact Centers | Business Intelligence | Sales & Marketing | Customer Data | CRM Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.