More than 32 million Twitter users have become the target of a hack that put their passwords and login information up for sale on the Dark Web — but how it happened is still a mystery.
LeakedSource, which claims to have received access to the stolen data from "Tessa88@exploit.im" (a likely hacker that's handed over other credible leaked information before), reported the breach was a direct attack on users rather than the social platform.
Twitter agrees: "We have investigated reports of Twitter usernames/passwords on the Dark Web, and we're confident that our systems have not been breached," the company's trust and information security officer Michael Coates tweeted early Thursday. While this could very well be true, Coates failed to mention there are plenty of other ways hackers can gain access to a user's secured information.
"We have very strong evidence that Twitter was not hacked, rather the consumer was," LeakedSource wrote. "Tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter."
The site is allowing anyone with their login information validate their identity and delete the information for free, but to see the cache one must pay a fee to gain access. While the majority of leaked account information includes passwords like "123456," "123456789," "qwerty" and "password," six out of the 10 most breached email providers included are Russian, which could provide a clue as to where the hack originated.
The 32 million users are the latest to be impacted by a string of hacks making their way onto the Dark Web and into the mainstream media. Myspace likely suffered the largest user-data breach in online history last month with 427 million passwords reportedly going up for sale on the Dark Web. Weeks before that, LinkedIn suffered a hit when 117 million accounts were posted online.
However, haveibeenpwned.com creator Troy Hunt told TechCrunch on Thursday these leaks could all be the result of hacks that occurred years ago. "They may well be old leaks if they're consistent with the other big ones we've seen and simply haven't seen the light of day yet," he told the publication. "Incidentally, the account takeovers we've seen to date are almost certainly as a result of credential reuse across other data breaches."
So, what's the best thing to do in this situation for Twitter users? Change your passwords, clear your DMs and create unique logon information for every site. Unlike Zuckerberg, who apparently uses "dadada" for every social platform he uses.