Almost five months to the day since LinkedIn was hacked and data-mined for passwords, Twitter is now issuing a ton of emails telling users that they must reset their passwords, because Twitter suspects a “Third-party” is going to do some evil-doer wrong-doing.
I first found out about this when I woke up and tried to access my twitter account (yes, it was the first thing I did this morning, even before breakfast, lol.) I first thought I had hit the “Forgot Password” link, since my eyes were still kinda closed from being only partially awake. Turns out though that I don’t need caffeine this morning, ’cause the adrenaline rush at the thought of someone having access to my Twitter account shocked me enough to be fully cognizant.
According to the multitude of tweets (ironically) calling out about Twitter users having to reset their passwords, it’s safe to say that perhaps thousands if not closer to a million emails were sent out early this morning.
The email is quite brilliant though; it in fact gives you a link to reset your password.
Uh… what did mommy tell you about strangers and strange emails? Never listen to them, never click on those links. Especially if they’re asking you to reset your password.
The good news is, even if you do receive this email, ignore it. Honestly, don’t touch it. The contents of this email, particularly since its gone out to quite a number of people all at once, are eventually going to get into the wrong hands. And when that happens, that “verified” link to reset your password is going to be what those third-party evil-doers are going to use to get your password, and whatever else they can come up with. As you should, whenever you feel you need to update a password for any account, go directly the source. Go to your Twitter account whenever you feel up to it, and if Twitter wants you to reset your password, it will make you. If you can log in just fine, Twitter never sent you an email.
The other part that I enjoy about this email is that it passive-aggressively says that this issue is all your fault. Its all very borderline and ambiguous, but the email could be read as, “You allowed a third-party app to hack your account, nice job.”
Particularly this little gem:
[box type=”warning”] Review your approved connections on your Applications page at https://twitter.com/settings/applications. If you see any applications that you don’t recognize, click the Revoke Access button.[/box]
Whatever it was that encouraged Twitter to mass mail even a tenth of it’s account holders, if someone deep-dived into their data for our personal info, I just hope they find a way to own up to it.
Of course, this is also a fantastic moment to remind you that whatever information you save online can eventually be hacked one day (as long as we have smart security checks, there will always be some smarter genius hacker just chomping at the bit (no pun intended,) wanting to prove they could get in and mess stuff up.) So if you don’t want certain info found, don’t put it online.