Twitter comes clean over password reset gaffe
Social networking site admits recent security clampdown resulted in unnecessary password resets for some users.

Social networking site Twitter has been commended for admitting it reset more user passwords than it intended to during a recent security blitz.
The company came clean about the gaffe in a blog post yesterday. In it, the firm explained that it regularly resets the passwords of accounts that appear to have been compromised.
"We reset the password and send an email letting the account owner know this has happened along with information about creating a new password," said the post.
"This is a routine part of our processes to protect our users."
The company then went on to confess that it reset more passwords than it needed to during a recent security clampdown.
"We unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised [and] we apologise for any inconvenience or confusion this may have caused," the post concluded.
Speaking to IT Pro, Graham Cluley, senior technology consultant at security software vendor Sophos, said Twitter was right to admit its mistake, adding that it was unlikely to have caused users many problems.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"People end up trusting a company more when they admit they made a boo-boo than if they tried to initiate a cover-up," he said.
"It's inconvenient for those affected...and people who hadn't had their accounts compromised might panic they had been hacked, and waste time trying to determine if anything bad had happened."
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
96% of SMBs are missing critical cybersecurity skills – here's why
News The skills shortage hits SMBs worse as they often suffer from a lack of budget and resources
By George Fitzmaurice Published
-
Sophos Firewall Virtual review: Affordable network protection for those that like it virtualized
Reviews Extreme network security that's cheaper than a hardware appliance and just as easy to deploy
By Dave Mitchell Published
-
MSPs are struggling with cyber security skills shortages
News A shortage of tools and difficulties keeping pace with solutions were also ranked as key issues for MSPs
By George Fitzmaurice Published
-
Nearly 70 software vendors sign up to CISA’s cyber resilience program
News Major software manufacturers pledge to a voluntary framework aimed at boosting cyber resilience of customers across the US
By Solomon Klappholz Published
-
Sophos and Tenable team up to launch new managed risk service
News The new fully managed service aims to help organizations manage and protect external attack surfaces
By Daniel Todd Published
-
Ransomware groups are using media coverage to coerce victims into paying
News Threat actors are starting to see the benefits of a more sophisticated media strategy for extracting ransoms
By Solomon Klappholz Published
-
Shrinking cyber attack “dwell times” highlight growing war of attrition with threat actors
News While teams are becoming more proficient at detecting threats, attackers are augmenting their strategies
By Ross Kelly Published
-
Cyber security in the retail sector
Whitepapers Retailers need to ensure their business operations and internal data aren't breached
By ITPro Published