Twitter also specified that it is "confident the information was not obtained from a hack of Twitter's servers", according to a media report.

It's not clear how many accounts Twitter chose to lock, but the company told the Wall Street Journal the number was in the millions, and that those affected will have already received an e-mail explaining the situation, the report noted.

 The news of leaked passwords was first provided by LeakedSource, a site with a search engine of leaked login credentials and said that the cache of Twitter data contains 32,888,300 records, including e-mail addresses, usernames and passwords.

LeakedSource noted that "the user credentials were collected by malware infecting browsers like Firefox or Chrome rather than stolen directly from Twitter".