Tens of millions of stolen Twitter credentials evidently lifted from web browser programs were put up for sale online, according to a search engine devoted to leaked data.
Twitter was adamant that its computer systems had not been broken into by hackers, and that it was not the source of any account information being hawked on the Internet.
“We are confident that these usernames and credentials were not obtained by a Twitter data breach — our systems have not been breached,” a Twitter spokesperson said yesterday.
“In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” the spokesperson said.
According to LeakedSource.com, tens of millions of Twitter credentials are being traded on the “dark web,” a section of the Internet accessed by special software.
The data set reportedly contained more than 32 million Twitter records that could include information such as usernames, passwords, or email addresses.
LeakedSource said in a blog post that it got a copy of the data set, and noted that it was Twitter users who were evidently hacked and not the San Francisco-based one-to-many messaging service.
It appeared that hackers got the information by using malicious code that steals data from web browsing programs.
LeakedSource described itself as a search-engine capable of searching over 1.8 billion leaked records gathered “over a relatively short period of time through a combination of deep-web scavenging and rumor-chasing.”