Twitter has launched an investigation after the popular micro-blogging service was breached and details of 55,000 accounts were published on the Internet by hackers. Despite this, it appears that the spoils were spammer accounts with the published usernames and passwords being of no real value.
In an announcement on their Twitter Communications account, they wrote "we're looking into the situation and have pushed out password resets to potentially affected accounts." They also noted in a separate posting that the 55,000 strong list of usernames and passwords contained over 20,000 duplicates of what they said were "suspended spam accounts and incorrect login credentials."
Hackers affiliated with the online group Anonymous claimed responsibility for the breach, which resulted in the details being published in several postings (one, two, three, four and five) on Pastebin. It's currently unclear if the target was approved by the loosely-knit hacker collective, but given the group's heavy usage of Twitter's micro-blogging service to convey their public message it does appear a rather odd move.
Further updates from Twitter revealed that many of the usernames and passwords were not linked together. In other words, the passwords for the usernames were incorrect, making the credentials completely useless. Those that did work appeared to be spam accounts as well as duplicate entries.
It could also be possible that the data was stolen from the servers of a third party and not from Twitter's servers at all. In either case it will be interesting to see what the outcome of Twitter's investigation reveals.
Password resets have been pushed out for the usernames affected, but those concerned can manually reset their account password by following the steps to change your password on Twitter's website.