A Russian hacker going by the name Tessa88, is reportedly trying to sell the details of millions of Twitter accounts for 10 bitcoins, or almost $5820. The information included with each compromised account may contain any or all of the following information belonging to the user – an email ID, a username, a visible password and an alternate email address.
Although the hacker claims to be in possession of the details tied to 379 million accounts, LeakedSource confirms the number to be 32 million instead, after eliminating duplicates. This breach comes not long after 360 million MySpace accounts were hacked, and 117 million LinkedIn emails and passwords obtained in 2012, were uploaded online.
LeakedSource as well as ZDNet have confirmed the veracity of the story by checking the details with a few people whose account data has been exposed. It is believed that Twitter has not been hacked since the passwords were not uncovered in encrypted form, but in plaintext. The information is more likely to have been stolen via malware.
Millions of PCs may be infected by malware which might have sent saved usernames and passwords from Google Chrome, Mozilla Firefox and other browsers to hackers. If this isn’t a strong enough case against saving information to the browser, we don’t know what is. Twitter has responded by checking its data against the leaked details.
The company has also asked account holders to use a strong password (long ones with numbers and special characters are best), ensure they’re actually on the official Twitter site by checking the URL before entering login information, ensuring their PC has anti-virus software and is updated with the latest security patches, and so on.