Twitter gave an explanation for the forced reset of user passwords issued earlier this week. Twitter offered details on the phishing attack that occurred through torrent sites. The perpetrator then sold “these purportedly well-crafted sites and forums to other people innocently looking to start a download site” Twitter hasn’t identified all of the forums involved, and it probably won’t be able to. The lesson: Don’t use the same email address and password on multiple sites, Twitter’s Del Harvey warns. “As a general rule, if you’ve signed up for a torrent forum or torrent site built by a third party, you should probably change your password there””]
Source: https://www.darkreading.com/attacks-breaches/twitter-gives-details-on-phishing-attack