Twitter has emailed many of its users to recommend that they reset their password because their accounts were hacked. TechCrunch released this information shortly after they received the email from Twitter because their account was one of those compromised.
TechCrunch’s Twitter account is one of the most obviously compromised accounts because several posts about potential work from home scams appeared on it during the breach. However, it didn’t take long for editors of the well-known tech publication to regain control of their account and begin advising their readers to avoid clicking on any posts about working from home that appeared on their Twitter account.
Twitter’s warning email to users comes with a link that will take recipients to the page where they can reset their password. However, experts recommend that Twitter users simply log into their accounts and change the password without using the link. This is because a common phishing technique is to send out emails with a link that actually enables the phisher to steal the user’s information rather than change their password. TechCrunch is now calling for Twitter to deploy two-factor authentication in the future as an added layer of account security.
At this point Twitter is not releasing any information about what may have caused users’ accounts to be compromised, but they are recommending that users avoid sites that claim to be able to increase the number of followers they have. Twitter also recommends that users look into the third-party apps that they have authorized to access their account. However the social media network does come up just short of saying whether the compromise of accounts is due to a data breach, a hack or something else.
Twitter is also not releasing any details on exactly how many accounts were compromised. Experts say it is not uncommon for companies to err on the side of caution and warn many more users than those who were actually affected by a breach.