Twitter responded to a recent massive dump of usernames and passwords, saying that many of them were duplicates or banned spam accounts.

Twitter responded to a recent massive dump of usernames and passwords, saying that many of them were duplicates or banned spam accounts.

On Monday, five files were uploaded to the text storage website Pastebin.com. These files stored over 55,000 username/password combinations of Twitter users. Only allowing 512 kb uploads, the website could not accept the massive dump of information in a single file.

Twitter spokeswoman Rachel Bremer said of the situation via email that "We are currently looking into the situation." She also attempted to discredit the attempt as a whole, claiming that "It's worth noting that, so far, we've discovered that the list of alleged accounts and passwords found on Pastebin consists of more than 20,000 duplicates, many spam accounts that have already been suspended, and many login credentials that do not appear to be linked (that is, the password and username are not actually associated with each other)."

Public sentiment towards the situation is not friendly. Users entrust a good deal of personal information to social networking websites, believing that the information will be guarded with security and care. However, it is possible that the information was not obtained via an exploit or security flaw, but through phishing attacks. In that case, the blame would not fall to Twitter, but on users careless enough with their information to use fake “bugged” versions of the Twitter website.

Although no less than 58,978 accounts were uploaded to Pastebin, the actual percentage of violated users is quite low. If Twitter's claim to 140 million active users is accurate, then the number of accounts on Pastebin constitutes approximately 0.04% of Twitter's active user base.

Source: InformationWeek