A possible Twitter hacking had users of the social network prompted with password resets on Thursday. However, notification emails were also sent to non-compromised accounts, and the company had to clear confusion surrounding the issue.
TechCrunch was the first to report the Twitter hacking on Thursday morning. The website's Twitter account had been hacked with "$250 tweet" links.
Twitter, which celebrated its sixth birthday and 140 million users in March, automatically resets the password of a compromised account and sends the user an email notifying them of the breach.
The micro-blogging company then sent an email to TechCrunch about the password reset. "Twitter believes that your account may have been compromised by a website or service not associated with Twitter," the notification email sent to TechCrunch reads. "We’ve reset your password to prevent others from accessing your account." Advising,"You’ll need to create a new password for your Twitter account."
However, Twitter later clarified that notifications were unintentionally sent to non-compromised users. Too many emails had been sent out.
Twitter responded to the alleged hacking incident on its website.
We’re committed to keeping Twitter a safe and open community. As part of that commitment, in instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.
In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused.
The company did not reveal how many Twitter accounts were actually hacked versus how many accounts were sent the notice accidentally, CNBC notes.
Twitter advises users to check they are using the actual website by making sure the browser's address bar reads https://twitter.com. The company also warns users of using websites or services that promise to get them more followers.