It's unclear who is responsible for posting passwords for Twitter accounts to a public Web site
Twitter is investigating the release of what appear to be thousands of user account passwords and e-mail addresses.
"We are currently looking into the situation. In the meantime, we have pushed out password resets to accounts that may have been affected," Twitter spokesman Robert Weeks told CNET in an e-mail. "For those who are concerned that their account may have been compromised, we suggest
resetting your passwords and more in our Help Center."
The user data, so vast that it took five Pastebin pages to post, was released yesterday and blogged about on Airdemon.net, putting the number of accounts affected at 55,000 or more. It's unclear who posted the data, and why.
Weeks disputed that estimate, noting that many of the passwords and accounts seemed like duplicates.
"It's worth noting that, so far, we've discovered that the list of alleged accounts and passwords found on Pastebin consists of more than 20,000 duplicates, many spam accounts that have already been suspended and many log-in credentials that do not appear to be linked (that is, the password and username are not actually associated with each other)," he said.
The list does appear to be a bit odd, with many passwords that appeared to be robust and a separation between e-mail addresses and user IDs that hacker Adrian Lamo noted on Twitter wasn't representative of a typical password dump.
