May 3 (UPI) — Twitter encouraged all of its users to change their passwords Thursday after discovering a bug that caused passwords to be stored without proper encryption.
The social media platform discovered a bug that caused user passwords to be stored in an internal log without going through a process known as “hashing” in which password characters are replaced with a random set of numbers and letters.
“Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again,” Twitter’s Chief Technology Officer Parag Agrawal wrote in a blog post.
Parag said the bug has been fixed and an investigation showed there was no indication of breach or misuse by anyone.
He still encouraged users to change their passwords “out of an abundance of caution” and Twitter pushed a pop-up window to users explaining the bug and including a link to the settings page.