Sophos Cloud Optix
Twitter goofed, sending out a deluge of password-reset emails on Monday evening that turned out to have been triggered by a system error.
Here’s part of the email sent to affected users:
Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account.
You'll need to create a new password for your Twitter account...
A spokesperson owned up to the glitch on The Next Web and other news outlets after a number of users received the messages.
TNW quoted the Twitter spokesperson:
We unintentionally sent some password reset notices tonight due to a system error. We apologize to the affected users for the inconvenience.
There’s no indication that the problem stems from anything other than a simple error.
But, while we’re here, it’s worth making sure you’re not one of the majority of people who still use the same password across multiple sites.
Real breaches happen all too often, so it’s wise to not reuse passwords.
If someone gets hold of that one-password-fits-all, they get the keys to your online kingdom.
Don’t make it easy for them.
I thought a key way of identifying an e-mail as being a phishing e-mail is a link to a webpage where you can enter your password. (That the big FAIL here in my opinion.)
You won’t have to wait long for phishy versions of this e-mail…
Password resets down’t ask you for the old password, but a new one,
Depending on the system you may get emailed a new random one, or it may be the link its self that acts as a sort of password. I’m not entirly sure how that one works down to the nuts and bolts though!