According to reports by LeakedSource, a site that indexes hacked login credentials from data breaches, Twitter login credentials were being sold on the Darknet. The blog stated that they received a database containing 32 Million Twitter login credentials.
Based on the information available, the site adds that the credentials were stolen by browser malware, rather than breaching Twitter’s database, because of the fact that most of the stolen passwords are in plain text. Also it seems that majority of the people who have been breached are from Russia, as 6 of the top 10 email domain names belonged to the country.
https://twitter.com/Support/status/739949019594674176
Michael Coates, Trust and Information Security officer of Twitter, Tweeted that Twitter's systems haven’t been breached. He later added in another tweet, “We securely store all passwords w/ bcrypt,” confirming that they store password after hashing, which is a good practice from a security standpoint.
https://twitter.com/_mwc/status/740762909144428544
The real danger from this is for people who usually re-use their passwords in multiple online sites. Recently, Mark Zuckerberg had a couple of his online account hacked because he had re-used his password, which leaked in the LinkedIN Data breach. This should be a lesson for web users to use strong passwords & to reset their passwords in the event of a data breach. Also, it is recommended to use features like Two Factor Authentication to ensure safety of personal data .