Thousands of Twitter users have received emails warning their account has been compromised by a third party.
Some accounts had been compromised, but other users had received the emails after Twitter had unintentionally reset unaffected passwords, the company said.
The mass email coincided with incidents involving several high-profile accounts, including at least one account belonging to the BBC.
Other media organisations, such as the TechCrunch blog, reported being warned.
Twitter gave no indication of the cause or source of the compromise, and would not share details of the size of the issue.
In a statement, it said: "When we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.
"In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised.
"We apologise for any inconvenience or confusion this may have caused."
Deletions and spam
Some users who received the email noticed that some of their tweets had been deleted, while others said spam links had been posted without their knowledge - a typical characteristic of a compromised account.
The Twitter account belonging to BBC Radio 4's Today programme earlier told followers it was "trying to get to the bottom" of problems relating to their feed.
Other BBC accounts have received the warning email - but it is not yet clear if any more were compromised.
Comedian David Mitchell tweeted that he had received the email, and that a tweet he had written publicising his column in the Observer newspaper had been removed.
Some users criticised Twitter's email, suggesting it looked like a "phishing scam" - a message that impersonates an official email in an attempt to trick users into giving up personal details.