Twitter bug causes passwords to be stored in plain text — go change your password now

Twitter is urging its 330 million users to change their passwords after discovering an internal bug in the system.

The bug – which has since been fixed — stored passwords unencrypted in an internal log, according to a blog post from Twitter Chief Technology Officer Parag Agrawal.

READ MORE: Canadians at higher risk of hacks, thanks to their smart devices: report

Usually, passwords are stored using hashing, a process “that masks it so no one at the company can see it,” Agarawal explained, but this bug stored the passwords verbatim in the company’s logs.

Hashing is commonly used for password storing and verification.

Though the company hasn’t seen evidence that the passwords were misused or accessed improperly, Agrawal still says that “out of an abundance of caution,” users should still change your password.

The company is also working on plans to “to prevent this bug from happening again.”

Hackers can exploit built-in speakers of smartphones and devices

00:56

Hackers can exploit built-in speakers of smartphones and devices

00:15

100,000 Bell customers affected by hack

01:09

North Korean hackers focusing their attention on Bitcoin: report

02:16

FBI failed to warn U.S. targets as Russian hackers targeted emails

03:09

Uber reveals it was the victim of a hack

01:13

Uber comes clean on hack affecting 57 million users

02:21

Is Canada vulnerable to major election hacking?

It wasn’t immediately known when the bug was discovered, or how many passwords were affected.

Users should change their Twitter password, as well as any password to other online accounts that is the same, or similar to their Twitter password.

Agrawal also suggested using a strong password that isn’t used on any other site, and enabling two-factor verification for log ins.