Twitter has adviced its 336 million users change their passwords.The company announced on Thursday it discovered a bug that saved user passwords unprotected on an internal log.
Twitter said it has since fixed the issue. Although the company said there is no evidence passwords have been leaked or misused, it is urging its users to update their passwords.
The glitch was related to its use of “hashing”, which masks passwords as users enters them by replacing them with numbers and letters, according to its blog.
A bug caused the passwords to be stored on an internal computer log before the hashing process was completed.
As well as changing passwords, users have been advised to turn on two-factor authentication service to help stop accounts being hacked.
Twitter’s chief technology officer Parag Agrawal initially said the company did not have to reveal the information but believed it was the “right thing to do” – before correcting his “mistake”.
The company declined to comment on when the bug was discovered, how long it had been storing passwords in this manner and how many passwords were affected. But twitter maintained that “this is not a breach.”
Twitter is prompting users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page.