It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Twitter Admits All Passwords Visible to Employees Due to ‘Bug’ and Advises Password Change

page: 1
5
<<   2  3 >>

log in

join
share:

posted on May, 3 2018 @ 06:33 PM
link   
Twitter has "announced" as many as 300 million user passwords have been visible to lots of employees because of a "bug" !!

They say nothing unusual happened and they didn't even have to tell you !!

But from the bottom of their heart, they are anyway.

And still are advising people to change their passwords even though they "fixed it" and there's no reason to be "alarmed" !!

Gotta wonder how many accounts of any special kind got "compromised" and "un-checked" !!


Twitter Admits All Passwords Visible to Employees Due to ‘Bug’ and Advises Password Change

Social media company Twitter has advised users to change their account passwords after it was discovered that a bug resulted in user passwords being stored in an insecure manner.

In a blog post titled “Keeping your account secure,” company CTO Parag Agrawal explained that the platform utilizes software that masks user passwords, preventing anyone at the company from viewing them. But due to a bug, all user passwords were stored in plaintext in an internal log. Agarwal says that they have investigated and fixed the bug and so far have found no signs of misuse or breach of user data.

😉




posted on May, 3 2018 @ 06:41 PM
link   
I always ask my wife why she has these social media accounts. I just don’t understand exposing my personal information to these immoral data collectors.



posted on May, 3 2018 @ 06:46 PM
link   
a reply to: xuenchen

They actually don’t have to tell you. Maybe stop spreading doom porn and encourage others to fully read contracts and be helpfully a contributing member of ATS.
All you do is contradict yourself every other day and post nothing helpful. I truly believe your only reason for being here is help great a larger divide in America. And sadly it is working for the uneducated individuals.



posted on May, 3 2018 @ 06:52 PM
link   
a reply to: xuenchen




But due to a bug, all user passwords were stored in plaintext in an internal log.


A plaintext log?
No way, that is a bug!

You don't just randomly write something that makes *the* biggest no no of all no nos of password storing.

Either it is deliberate or it is a mistake, but it is definitely not a bug.



posted on May, 3 2018 @ 07:02 PM
link   
Class Action Lawsuit, Please.



posted on May, 3 2018 @ 07:10 PM
link   
I would image that any Twitter user who has ever been a victim of identity theft could bring a case against Twitter for negligence.



posted on May, 3 2018 @ 07:13 PM
link   
A minimal check during development would reveal this.

I tend to think it was the design because someone would have seen it long ago.



posted on May, 3 2018 @ 07:14 PM
link   
a reply to: xuenchen


So the POTUS, Twitter account is compromised. That is not cool....he shouldn't be tweeting the crap he does, including threatening other countries with a Tweet. Its unacceptable to say the least, but someone could set him up.









edit on 3-5-2018 by kurthall because: fix



posted on May, 3 2018 @ 07:18 PM
link   
a reply to: xuenchen

Twitters are for niTWITS



posted on May, 3 2018 @ 07:18 PM
link   

originally posted by: Allaroundyou
a reply to: xuenchen

They actually don’t have to tell you. Maybe stop spreading doom porn and encourage others to fully read contracts and be helpfully a contributing member of ATS.
All you do is contradict yourself every other day and post nothing helpful. I truly believe your only reason for being here is help great a larger divide in America. And sadly it is working for the uneducated individuals.



Creating a larger divide in America?
Did we read the same post?

A company has screwed up big time by storing 300 million passwords in plaintext. That in itself is a greater breach of security than actually being hacked and having all your salted user data stolen. It is beyond terrible.

They say that they have found "no signs" of "misuse "- however, if the date lies in plaintext, that says so little, that it is actually misleading. There are thousands of ways (well, no, not really) to leave virtually no signs behind after having compromised. Especially in a infrastructure that lax in security!

I would say there is cause for concern - they are *very* vague about whether or not anyone has been compromised. Actually they do not even mention it and instead talk about misuse without ever defining what *that* constitutes.

They don't come out and say the assuring "we don't believe anyone has seen your passwords" or "the plaintext list was never accessed by anyone".

There is likely a reason for that.


Anyway, point is, this is a very real and important story, and I don't know why you read all that into it.



posted on May, 3 2018 @ 07:24 PM
link   
Go news is twitter really doesn't do much. It's not ecommerce or performing control functions (other than some people's minds).



posted on May, 3 2018 @ 07:24 PM
link   
a reply to: DupontDeux

Great post.
Why would anyone defend a company for being so careless with extremely private information?

How many employees does Twitter actually have, anyways?
Are they ALL honest and trustworthy?



posted on May, 3 2018 @ 07:32 PM
link   
So Twitter employees could at any time have posted to anyone's account if they wanted to. No problem in that


I wonder how many employees have come, gone, quit or been fired while it was available to them.



posted on May, 3 2018 @ 07:33 PM
link   
Not much personal info there unless it's been posted in tweets.



posted on May, 3 2018 @ 07:48 PM
link   

originally posted by: roadgravel
Not much personal info there unless it's been posted in tweets.


Great for smear campaigns.

And selective censoring too !!

🧐🔑



posted on May, 3 2018 @ 07:50 PM
link   
a reply to: DupontDeux


Yea we read the same post though I was referring to other posts. I don't use twitter and think the whole thing is stupid and spreads disinformation at a fast rate. They have not violated any laws and someone would know that if they read the terms and conditions.



posted on May, 3 2018 @ 07:53 PM
link   

originally posted by: IAMTAT
a reply to: DupontDeux

Great post.
Why would anyone defend a company for being so careless with extremely private information?

How many employees does Twitter actually have, anyways?
Are they ALL honest and trustworthy?


Clearly you don't know how I feel about Twitter. Which is fine because why would you? I am only pointing out what should be clear as day.
If you call a help line for hardware or software they will ask for info so they can verify who you say you are. They already have the info in front of them. So why be upset when Twitter does that?



posted on May, 3 2018 @ 07:55 PM
link   
A company worth billions (not sure why) can't get a couple of descent programmers. I imagine there is a lot of finger pointing going on there unless it is just a cover story.



posted on May, 3 2018 @ 07:58 PM
link   
a reply to: roadgravel

I think they got caught and were "told" to publish an excuse.

Confucius said:
"Success is the hardest thing to beat, and Failure is the hardest thing to fix"

💡



posted on May, 3 2018 @ 08:00 PM
link   
a reply to: roadgravel

That's not the problem though.

Many people use the same password on more than one site and the password and real name combined is not good to have floating around the Internet.

Also imagine if a rabid partisan employee got angry and had the password so they could post to others accounts. Or even if they just disliked something someone posted, they could mess with them.

Hopefully this will be all over the news so people can deal with it. I'm suspicious that Twitter has a motive for suddenly announcing this.




top topics



 
5
<<   2  3 >>

log in

join