Late last night, a “large number” of Twitter’s more than 140 million active users received an email that began with the startling sentence, “Twitter believes that your account may have been compromised by a website or service not associated with Twitter.” The emailed explained that Twitter reset the password “to prevent others from accessing your account.”

The email set off a bit of a scramble (it did where I work at @breakingnews), but Twitter admits this morning that the password resets — which are part of Twitter’s regular security rountine — were a mistake. “We unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused,” Twitter explained on its blog.

Regardless, it’s a great fire drill to remember to change your Twitter passwords (especially for major media accounts) on a regular basis. It’s also a good idea to routinely check (in settings) which apps you’ve connected with your account — you might be surprised what you find — and “revoke access” with the ones you no longer use.