Over the last hour or so, there’s been a big spike in the number of folks reporting that Twitter had sent them an email asking them to change their password for security reasons.
What was going on? Had Twitter been hacked? Were these emails real? Was this some mega phishing attempt?
Yes, the emails were real — but no, you weren’t being hacked. Someone at Twitter just hit the wrong button somewhere, triggering an onslaught of password reset emails to go out to people who didn’t actually need them. Your account likely wasn’t ever in any danger (unless, of course, you actually were being hacked and the timing was an unfortunate coincidence.)
“Twitter believes that your account may have been compromised by a website or service not associated with Twitter,” read the original email. “We’ve reset your password to prevent others from accessing your account.”
In a fittingly short statement (as in, it’s 140 characters), Twitter had the following to say about the resets:
We unintentionally sent some password reset notices tonight due to a system error. We apologize to the affected users for the inconvenience.
So, good news: you weren’t hacked. Bad news? You probably will have to reset your password before you can log back in. Could be worse, right?