Recently, it was reported that more than 32 million Twitter accounts were hacked by a hacker going by the name ‘Tessa88@exploit.im’. Hacker, assumed to be Russian, is trying to sell those accounts online for 10 Bitcoin — which is roughly about $5,780.
The 32,888,300 Twitter user details were sent by the Tessa88@exploit.im hacker to a website called LeakedSource. The website said that in the user data, most of the passwords were in plain text.
LeakedSource said that most of the accounts seem to belong to users in Russia. It also noted that the most commonly used passwords were “123456,” “123456789,” “qwerty” and “password.”
Twitter already investigated about the hacking and said that the passwords were not leaked directly from the company — Twitter has not been breached. The hacker may use some malware in order to gain access to the data.
“If your Twitter information was impacted by any of the recent issues – because of password disclosures from other companies or the leak on the “dark web” – then you have already received an email that your account password must be reset. Your account won’t be accessible until you do so, to ensure that unauthorized individuals don’t have access,” said Twitter in a blog post.
We securely store all passwords w/ bcrypt. We are working with @leakedsource to obtain this info & take additional steps to protect users.
— Michael Coates ஃ (@_mwc) June 9, 2016