All passwords reset, though.
In their recent blog post Twitter announced that they were recently a victim of a hacking incident. An unusual pattern was detected which led them to identifying unauthorized access to user data.
“This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. ”
Apparently 250,000 user accounts were compromised wherein the attackers may have had access to limited user information, including encrypted version of account passwords and associated email addresses. Since the passwords were still salted/ encrypted, no real harm would be done immediately.
For each one of these compromised accounts, Twitter has reset the password and sent a new password recovery email to each account. If your account was one of the unfortunate one’s to get accessed, Twitter will have recently sent you an email requesting a reset, or will do soon.
Twitter suggests to maintain a 10-character password with varying characters, numbers, etc. and, interestingly, disabling JAVA in your browser.