clock menu more-arrow no yes mobile

Filed under:

Twitter Snafu Triggers Mass Reset of User Passwords

Luckily, it doesn't appear to be a hack.


If you’re a Twitter user, you may have an email sitting in your inbox telling you to change your password right now.

You aren’t alone.

A number of Twitter users received password reset request emails from the microblogging service on Monday evening after being temporarily locked out of their accounts. Those affected were not immediately notified as to the exact reason for the password reset request.

“Twitter believes that your account may have been compromised by a website or service not associated with Twitter,” the email sent to users said. “We’ve reset your password to prevent accessing your account.”

The problem does not appear to be the result of a security breach. According to a Twitter spokesman, the mass reset was accidentally triggered by the company itself.

“We unintentionally sent some password reset notices tonight due to a system error,” a Twitter spokesman told Re/code. “We apologize to the affected users for the inconvenience.”

The number of affected users was far less than one percent of the company’s base.

Though apparently accidental, many confused users took to Twitter for hours on Monday, complaining about the password reset requests and asking whether or not the service was hacked. (My colleague, Peter Kafka, also received such a request.)

Twitter is no stranger to security scares. Last year, the company disclosed that its systems had been attacked by an unidentified group of hackers, potentially exposing the usernames, email addresses and other sensitive information of approximately 250,000 of its users.

Those affected should be able to regain access to their accounts after updating their password information.

This article originally appeared on

Sign up for the newsletter Sign up for Vox Recommends

Get curated picks of the best Vox journalism to read, watch, and listen to every week, from our editors.