When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.
Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.
I like how the story is titled “Keeping your account secure”.
Test driven development before release into production is generally considered good practice. How do they perform account verification to verify, for instance, that Trump is really @RealTrump ? Oh, this tiny thing called cross verification…
Verification badges are more a status symbol than actually there to indicate whose identity has been verified and whose hasn’t. They will strip these badges from anyone out of spite.
Trump will probably lose his once he leaves office, especially if he does not sit through two terms but loses the election or something else happens.
Edited 2018-05-04 09:17 UTC
Again
Do they find no indication of breach in the same way that Spotify finds no such breaches, despite user credential dumps being leaked online no less than three times in the past two years?
It’s perfectly valid to find no indication of a breach, even if it is immensely obvious how to perform such an attack.
Some attacks do not leave obvious evidence.
Edited 2018-05-04 18:33 UTC
I like how the story is titled “Keeping your account secure”.
Yup, the same reason that transformed “patch” into “update” – we didn’t correct errors (there are none!), we made your experience better… Yeah, right…