A Twitter hacker on Monday revealed thousands of user names and passwords for the microblogging site, but here's the good news: Most of the compromised accounts appear to be spam.
Word of the breach began spreading Tuesday after hacking news and activist hub Airdemon posted a dispatch saying 55,000 accounts had been compromised. It linked to Pastebin pages containing the allegedly compromised user names and passwords.
A Twitter representative said the company is investigating. He also downplayed the extent of the potential breach, which hit a small sliver of Twitter's 140 million active users.
"It's worth noting that, so far, we've discovered that the list of alleged accounts and passwords found on Pastebin consists of more than 20,000 duplicates, many spam accounts that have already been suspended and many login credentials that do not appear to be linked (that is, the password and username are not actually associated with each other)," Twitter spokesman Robert Weeks said.
Still, Twitter is taking precautions.
"We are currently looking into the situation. In the meantime, we have pushed out password resets to accounts that may have been affected," Weeks said.
Twitter needs to be especially sensitive to security breaches. In March 2011, the Federal Trade Commission finalized a settlement with Twitter stemming from a pair of data breaches in 2009 that let hackers gain control of Twitter accounts.
Under the settlement's terms, Twitter faces fines and other penalties if it fails to maintain "a comprehensive information security program."
But Twitter has had a few other recent glitches.
Just two months ago, Twitter was forced to temporarily suspend the Web version of its TweetDeck software after a glitch allowed some users access to other users' accounts. Twitter repaired the bug the day after it was publicly exposed.