Photo: Diptendu Dutta / AFP/ via Getty Images
Twitter advised that all users change their passwords Thursday after the social media site discovered it had stored them in a log in plain text rather than encrypted form.
According to a blog post from the company, there is no evidence that passwords were misused or stolen, and the advisory is out of caution. The announcement, at roughly 4 p.m. Eastern time, came just as the market closed. Twitter stock immediately dropped 2.5% in after hours trading, then recovered most of the loss.
What they're saying: "We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day," wrote Parag Agrawal in the Twitter blog.
Why it matters (to users): The best practice in the industry is to keep all personal information in a format that cannot be read by hackers or employees. That minimizes the impact in the case of an insider breach.
Why it matters (to Twitter): Following the Facebook scandals, trust in social media sites is at a low. Minimizing any potential risk is not just good ethics, it's also good business.