Source: Rebecca Joseph, Global News, May 3, 2018
Twitter is urging its 330 million users to change their passwords after discovering an internal bug in the system.
The bug – which has since been fixed — stored passwords unencrypted in an internal log, according to a blog post from Twitter Chief Technology Officer Parag Agrawal.
Usually, passwords are stored using hashing, a process “that masks it so no one at the company can see it,” Agarawal explained, but this bug stored the passwords verbatim in the company’s logs.
