Tessa88, the same cybercriminals who claimed to have hacked into LinkedIn, MySpace and Tumblr, just to name a few, are now claiming that they stole the login info of more than 32 Million Twitter accounts, which are being sold in the underground for 10 Bitcoins, which is around $6,000. The login information includes at least one email address per user, their passwords and their usernames.
Though Twitter is denying that their system has been compromised, a search engine site that is known for logging data breaches, LeakedSource, received an email from the infamous Tessa88, that contained copy of Twitter’s database. “Tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter,” states a LeakedSource blog post.
So technically, Twitter is right.
That being said, Mark Zuckerberg’s Twitter account, that has not sent a tweet in years, was hacked last weekend. Those hackers were able to hack Zuckerberg’s Twitter and Pinterest credentials by breaking his SHA1-hashed LinkedIn password string after the major LinkedIn breach, and it is possible that the Twitter user info is merely comprised of records that were already available from previous hacks.
Regardless, the fact that remains is this: Change your social media passwords. All of them. Yesterday.