Thousands of Twitter users around the world have received emails warning their account has been compromised by a third party.
Some accounts had been compromised, but other users had received the emails after Twitter had unintentionally reset unaffected passwords, the company said.
The mass email coincided with incidents involving several high-profile accounts.
Other media organizations, such as the TechCrunch blog, reported being warned.
Twitter gave no indication of the cause or source of the compromise, and would not share details of the size of the issue.
In a statement, Twitter said: “When we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.
“In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised.
“We apologize for any inconvenience or confusion this may have caused.”
Some users who received the email noticed that some of their tweets had been deleted, while others said spam links had been posted without their knowledge – a typical characteristic of a compromised account.
British comedian David Mitchell tweeted that he had received the email, and that a tweet he had written publicizing his column in the Observer newspaper had been removed.
Some users criticized Twitter’s email, suggesting it looked like a “phishing scam” – a message that impersonates an official email in an attempt to trick users into giving up personal details.