Twitter Locks Accounts Following Dark Web Investigation

twitter hack account dark web
The Twitter logo on a banner outside the New York Stock Exchange in November 2013. Twitter has responded to user account details appearing on the dark web by suspending accounts. Andrew Burton/Getty Images

Twitter has locked the accounts of millions of users that may have had their login credentials leaked onto the internet.

More than 32 million Twitter account details have appeared on the website LeakedSource, a search engine for leaked records, although it is not clear how they were obtained.

LeakedSource said in a blogpost that the Twitter credentials are being traded in the tens of millions on the dark web—a section of the Internet that requires specialist software to access, such as the Tor browser.

"We've investigated claims of Twitter @names and passwords available on the 'dark web' and we're confident the information was not obtained from a hack of Twitter's servers," Michael Coates, an information security officer at Twitter, said in a blogpost Friday.

"The purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victims' machines that are stealing passwords for all sites, or a combination of both. Regardless of origin, we're acting swiftly to protect your Twitter account."

Coates said that users impacted by the issues have been contacted via email requesting them to reset their password in order to regain access to their accounts.

The leaked account details emerged in the same week that Facebook founder Mark Zuckerberg had several of his social media accounts hacked, including his Twitter profile. According to LeakedSource, Zuckerberg's details were not included in the database.

"We have very strong evidence that Twitter was not hacked, rather the consumer was," LeakedSource's blogpost stated. "These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.

"The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter.

"The lesson here? It's not just companies that can be hacked, users need to be careful too."

Twitter Locks Accounts Following Dark Web Investigation | Tech & Science