Twitter’s 330 million users are being urged to change their passwords after some were exposed in plain text on its internal network.
An error in the way the passwords were handled meant some were stored in easily readable form, said Twitter.
The passwords should have been put through a procedure called “hashing” making them very difficult to read.
Security experts said the way Twitter handled the potential breach was “encouraging”.
The bug caused the passwords to be stored on an internal computer log before the hashing process was completed.
In a blog, the social network said once the mistake was uncovered it carried out an internal investigation which found no indication passwords were stolen or misused by insiders.
However, it still urged all users to consider changing their passwords “out of an abundance of caution”.
Twitter did not say how many passwords were affected but it is understood the number was “substantial” and that they were exposed for “several months”.
Twitter discovered the bug a few weeks ago and has reported it to some regulators, an insider told Reuters.
Chief executive Jack Dorsey tweeted to say the “bug” had been fixed.
See full article on BBC website http://www.bbc.co.uk/news/business-43995168