Twitter has called on its 336 million users to reset their account passwords. The company said a “bug” had caused account passwords to be written in plain text to an internal log, before encryption via a masking/hashing process.
The company has since found the error and removed all plain text passwords.
The company’s CTO Parak Agrawal said in a blog post, published on May 3: “Our investigation shows no indication of breach or misuse by anyone.”
The company warned that system admin could have seen the passwords however and warned all users to change them as a precaution.
How should businesses react?
Paul Walker, technical director at access management specialists One Identity, told Computer Business Review: “Ask yourself, who within your organisation is responsible for the organisation’s Twitter account, what governance processes are in place around the regular change of this password and what password policy is in place?”
He added: “The likelihood is that this is a manual process today, even more so due to the fact that Twitter offers no API to programmatically change account passwords. All is not lost, recent innovation in the form of Privileged Passwords provides the governance security framework to enforce regular password changes on social media accounts, including Twitter.”
Google Cloud Migration
The admittance of a system error came on the same day Twitter announced it was moving a significant section of its infrastructure to Google’s Cloud platform.
Prior to Twitter announcing it would use Googles cloud platform, it had housed its Hadoop file systems within its own in-house data centres, which host more than 300PB of data across thousands of servers.
In a previous engineering post on their platform, Twitter’s Principal Data Engineer Gera Shegalov highlighted just how important these clusters are: ‘’Hadoop is at the core of our data platform and provides vast storage for analytics of user actions on Twitter.’’
Twitter’s move is a significant scalp for Google in the battle for market share in the cloud computing service industry. However it is only one step in the battle against Amazon Web Services (AWS), which has hovered around the 30 percent market share number; while Google aims to push past the 10 percent mark.
Brian Stevens, CTO of Google Cloud, welcomed the announcement. “Google Cloud Platform’s data solutions and trusted infrastructure will provide Twitter with the technical flexibility and consistency that its platform requires, and we look forward to an ongoing technical collaboration with their team.”
While Google has complete dominance in the internet search market, it has struggled to catch up to industry leaders in providing companies and users with cloud computing solutions.
Even though AWS is the one to beat in the cloud services market, for Google the battle is with IBM and Microsoft. Both companies are ahead in market share, but a vote of confidence from a large high profile client like Twitter could shift the balance.
If you would like a more detailed report on the battle over Cloud infrastructure services see our breakdown of recent market results.