Massive Dump of Twitter Passwords Appears on Pastebin

Hours after Twitter announced its plan to support one of its users in a court case, and thereby, stand up for the larger cause of online privacy and protection of the First Amendment’s free speech, a massive dox of Twitter accounts appeared on Pastebin. The dump contains nearly 55,000 usernames and passwords. However, it was also found later that many of these login credentials were redundant and some others did not match with any account.

In conversation with CNET, Twitter spokesperson Robert Weeks said,twitter-logo

We are currently looking into the situation. In the meantime, we have pushed out password resets to accounts that may have been affected. For those who are concerned that their account may have been compromised, we suggest resetting your passwords and more in our Help Center.

Twitter has also found that nearly 20,000 of the accounts in the list of 55,000+ were duplicates, and many others did not match as proper login credentials. Though, it was good to see that Twitter took care to force password resets for users whose accounts appeared on that list.

At the moment, it is unclear who carried out this hack and why. The Pastebin page containing the hacked accounts can be found here. However, there might be a relation between Twitter’s announcement to stand up for one of its users in a court case and this hack. Until now, Pastebin has been used by Anonymous for releasing doxes, but a drum roll usually accompanies it.

Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. You can connect with him on Twitter @ckandroid.