Update Twitter has apologised for "unintentionally" resetting the passwords for a large number of its user accounts.
In normal circumstances the social network resets the login details for any account feared to have been hijacked. But it appears someone in Twitter today overreacted and pushed the reset button on a lot of accounts, including ones that had not been compromised.
Twitter said it reset the passwords on "a larger number" of accounts than necessary. This was the explanation on the Twitter status page:
In instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.
In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologise for any inconvenience or confusion this may have caused.
Twitter wouldn't elaborate on how many that "larger number" was. In the email sent out with the password resets, the cause of alarm was pinned down to a security breach in a third-party website that accesses Twitter feeds.
The email users received read:
Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account.
You'll need to create a new password for your Twitter account.
Update: Twitter has been in touch since the publication of the story to confirm that there was no security breach.