A hacker claims to have obtained a cache of millions Twitter
user credentials, and is reportedly selling it for 10 Bitcoins.
The seller, who goes by the name Tessa88, claims to have access to credentials of over 379 million accounts. Of course, since this is above Twitter's official active user base figure of 310 million, it is thought to include disabled and inactive accounts as well.
News of the database being up for sale was reported by LeakedSource, a security firm that claimed
that after removing duplicates, the leaked cache in fact contained over 32 million user credentials. The leak is supposed to contain usernames, email addresses, and plain-text passwords.
LeakedSource adds that the likely source of the cache was not a breach of Twitter's systems, but rather malware that stole credential details from browsers. The passwords were in a plain-text format, with no hashing or encryption, making it unlikely to have been obtained from Twitter's systems, the security firm says.
Twitter has since responded to the reports, with a spokesperson telling
Reuters India that the company is "confident that usernames and credentials were not obtained by a data breach, [and that] systems have not been breached."