In the wake of a number of 'mega breaches' at social media platforms, including Myspace, Tumblr and LinkedIn, it appears that Twitter users could be the latest victims of hacking as over 32 million credentials have reportedly surfaced online, reports International business Times. Breach notification website LeakedSource obtained and uploaded a copy of the data to its searchable databases and it claims each compromised record – 32,888,300 in total – contains an email address, username, sometimes a second email and a clear-text password. Twitter, so far, has maintained it has not been breached. In a statement to TechCrunch, a Twitter spokesperson said: "We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we've been working to help keep accounts protected by checking our data against what's been shared from recent other password leak."
The news comes as a Twitter-based hacking spree hit a number of public figures and celebrities – including rock band Tenacious D, the rapper Drake, TV personality Kylie Jenner and even Facebook CEO Mark Zuckerberg.
Interestingly, it reveals the data was likely collected directly from users due to "malware infecting browsers" rather than directly from Twitter. Based on its email analysis, most of the impacted users appear to be located in Russia. "Passwords were stolen directly from consumers, therefore they are in plaintext with no encryption or hashing. Remember that Twitter probably doesn't store the passwords in plaintext, Chrome and Firefox did," said LeakedSource.