Twitter says the passwords were encrypted, the intrusion was limited, and and everyone’s taxes are going down soon (okay, I was kidding about the last one). It’s always hard to sort out what is true and how much of the truth is told, so regardless of what Twitter says, change your password.
Cuz if the accounts were compromised, everything is suspect. You should also check the last couple days of tweets.
Sure they said the passwords were encrypted, but how? Some people think XOR is encryption. No, I’m not saying Twitter uses XOR, but in cases like this, it’s always safer to assume the worst and act accordingly.
Here’s another reason to check and change everything:
“The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,” Lord said [Bob Lord is Twitter's director of information security]. “For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”
If you’re on Twitter, consider yourself affected. You probably haven’t changed your password since the last time the bird was hacked.
See also Linkedin Hacked.