Some of our readers may have noticed messages from Twitter in their email inboxes this morning. According to Twitter, while sending ordinary warnings to users whose accounts were believed to be compromised, they accidentally reset passwords for unaffected accounts. As Twitter said in a public statement, “In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused.”
This might not be the full story, as prominent twitter accounts such as TechCrunch were compromised last night.
You may have received an email in your inbox this morning that reads:
Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.You’ll need to create a new password for your Twitter account. You can select a new password at this link:(Link should begin with “https://twitter.com/pw_rst/”)As always, you can also request a new password from our password-resend page: https://twitter.com/account/resend_password
Despite the odd wording, the message is genuine. (Though you should verify that the link address actual leads to what it displays, as ne’er-do-wells can embed phony hypertext links on top of benign URL text.) Despite Twitter’s assurance that they emailed more users than they meant to, if you’ve been emailed it may be a good idea to reset your password anyway, since there’s no way of telling whether your account was actually compromised or if you’ve been hit with an overreaction from Twitter’s staff.
No comments:
Post a Comment