The usernames and passwords of more than 55,000 Twitter tweeters were leaked online Monday in a data dump that has puzzled experts. Twitter says that at least 20,000 of the leaked accounts were duplicates, and many more were spam accounts that had already been suspended, InformationWeek reports. Password resets have been sent out to affected accounts, and the possible security breach is being investigated, Twitter says.
But no group has claimed responsibility for the leak, and security experts say it's possible that the account details were obtained through phishing attacks that fooled users into providing details, which would exonerate Twitter's security practices. Tech blogger Chuck McManis speculates that the leak may have been a "white hat operation" carried out by somebody who uncovered a botnet and hit on an easy way of disabling the accounts involved.