Twitter is advising all users to change their passwords.
The company said Thursday that it recently discovered a bug that stored passwords in an internal log in an unprotected form.
The San Francisco company says it masks, or encrypts, passwords by replacing them with a random set of numbers and letters. But the bug caused passwords to be written to an internal log before that masking occurred. The company says it discovered the bug on its own and has fixed it.