Twitter Inc. advised users to change their passwords after the company found a bug in its systems that exposed passwords in plain text internally.
The company said it removed the non-encrypted passwords from its system, and is working to avoid such an issue happening again.
An internal investigation “shows no indication of breach or misuse by anyone” and there’s “no reason to believe password information ever left Twitter’s systems or was misused by anyone,” the social-media firm said.
Still, the company advised users to change passwords for Twitter and other services with the same password.
Online privacy scares are common nowadays. However, Twitter’s misstep is disturbing because there’s no reason for companies to store user passwords in plain text, even in internal files, according to Phil Libin, a startup founder and venture capitalist.