In an e-mail to its users from password@twitter.com, the company said that it believed "your account may have been compromised by a Web site or service not associated with Twitter." As a result, Twitter said, it "reset your password to prevent accessing your account," and the user was asked to establish a new password.
But, it turned out, there was no security breach. Reportedly, some kind of issue with another site triggered the security alert. Some reports have said that no passwords were reset, although a few users have reported that theirs have been.
One user, @MichelleRafter, tweeted: "So yesterday my account didn't get hacked. I was in 1 percent of account @Twitter accidentally reset."
In a subsequent statement, the company said that it "unintentionally sent some password reset notices tonight due to a system error," and it apologized "to the affected users for the inconvenience." Twitter has not said how many users were affected, or why the company thought a hacking attack had taken place but then changed its mind.
The first instinct of a savvy user would be that the e-mail itself was part of a phishing attempt to trick a user into thinking that new login credentials were needed.
One user, @V3CEO, tweeted: "Beware of phishing emails just got one from password@twitter.com asking me to reset password looked realistic"
Another use, @rubinafillion, tweeted: "Did you get a scary e-mail from Twitter about your account being hacked? You can probably ignore it." This tweet contained a link to a story about the false alarm.
Another...