Twitter has a teeny, tiny polite suggestion for everyone on its platform: Maybe go ahead and change your password. Like, now.
The social media company announced Thursday in a blogpost that a now-fixed bug meant Twitter passwords were stored “unmasked in an internal log,” and, yeah, whoops!
While the company insists that it’s found no evidence of abuse, you really don’t want to wait around to find out whether or not that assessment turns out to be correct.
In other words, it’s time for every single Twitter user to change his or her password — and potentially not just for Twitter.
“Out of an abundance of caution,” wrote Twitter CTO Parag Agrawal, “we ask that you consider changing your password on all services where you’ve used this password.”
In other words, if you’ve recycled your Twitter password for other sites (which you shouldn’t be doing), you should change the password for those accounts too.
I’m sorry that this happened, but am proud to work at a company that puts people who use our service first.
— Parag Agrawal (@paraga) May 3, 2018
In the announcement, Agrawal provided additional detail as to how all this went down.
“Due to a bug, passwords were written to an internal log before completing the hashing process,” he explained. “We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.”