Twitter is recommending that all of its users change their passwords today after finding a bug that unmasked passwords internally. After discovering the bug, they investigated it and found no evidence of a breach. Still, they want you to be safe and consider changing your password anyway.
The bug had to do with the technology Twitter uses to mask passwords (with a random set of numbers and letters) from their internal systems as they validate you. For whatever reason, this system was creating a log with passwords that were no longer masked. Going forward, Twitter says that they are implementing plans to prevent this bug from surfacing again.
To change your Twitter password, head into your Settings.
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Twitter Support (@TwitterSupport) May 3, 2018