Today I got an automatic email from Twitter:
Hi, alexvirt1
Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.
You’ll need to create a new password for your Twitter account. You can select a new password at this link:
My first thought was about possible fraud, by it was completely legitimate email. I quickly changed my password and immediately noticed that few minutes before somebody posted on my Twitter the following message:
Sadly it was the truth: somebody was able to hack my Twitter account and post a malicious link.
Google shows that the mentioned malicious domain name was injected on many web resources during past two weeks. So the lesson learned – always use really complex password on publicly available resources (it was done a long time ago for email accounts) and change them at least from time to time.
Also I am very pleased to see that Twitter detected the compromise so quickly.