The company said Thursday it recently discovered a bug that stored passwords in an internal log that wasn't encrypted.
Twitter said there's no indication there was a breach or that any of the passwords were misused.
Still, the underlying message is-better safe than sorry.
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ— Twitter Support (@TwitterSupport) May 3, 2018
A cyber security expert at San Jose State University said Twitter handled the situation well by acting quickly and announcing the problem itself.
He added this is something that will continue to happen.
"The software is created by humans and fixed by humans and hacked by humans, so, we're going to face this one every single day. It's how fast you are and how accurate you are in detecting the problems and mitigating the risk," said Ahmed Banafa.
Banafa said to protect yourself you should change your passwords every 90 days, make sure your passwords are long and complicated and keep an eye on your account activity.
He said it could be a few more days or weeks before it's truly known if any Twitter accounts were compromised.
Click here for their full statement.
Click here for more stories and videos about Twitter.