A quarter of a million Twitter accounts have been compromised by hackers, according to the social network.
This follows similar attacks on the Wall Street Journal and the New York Times in the last two weeks.
Bob Lord, director of information security at Twitter, wrote that his team had noticed irregular access patterns which they soon realised was evidence of a large-scale cyber attack.
"This week, we detected unusual access patterns that led to us identifying unauthorised access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information - usernames, email addresses, session tokens and encrypted/salted versions of passwords - for approximately 250,000 users."
He added that passwords have been reset for these accounts, and that the relevent users will receive an email inviting them to create new authentication details.
In yet another blow to Oracle's much-maligned Java platform - criticised for the ease with which it can be exploited for hackers - Lord also encouraged users to disable Java on their computers.
Both Apple and Mozilla recently disabled Java by default on their browsers.
Lord also stated that the attack on Twitter was carried out by a professional, dedicated team of hackers.
"This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked.
"For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users. "
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy