Twitter says it is trying to figure out how user names and passwords from thousands of accounts apparently wound up on an online file sharing website.
Information posted on Pastebin.com appeared to be from about 35,000 Twitter accounts, according to a message "tweeted" by the San Francisco firm.
"We're looking into the situation and have pushed out password resets to potentially affected accounts," Twitter said.
Twitter, which rocketed to popularity by letting people fire off short text messages to limitless numbers of people using smartphones, recommended users change their passwords.
The list at Pastebin included spam accounts and incorrect login credentials, according to Twitter.
The evident data breach came as Twitter challenged a court order to give US authorities data on one of its users involved in Occupy Wall Street.
The motion filed on Monday in a New York state court said the order would require Twitter to violate federal law and denies the user the ownership rights to his Twitter messages.
The American Civil Liberties Union on Tuesday applauded Twitter's action, saying the company was standing up for free speech.