NEW YORK -- Twitter is denying a report that credentials from millions of users were stolen or leaked through a data breach at the social media company.
The website LeakedSource says it received a cache of Twitter data that contains 32 million records, including passwords.
But in a blog post, Twitter said the data may have been obtained from other sites or malware -- not from Twitter itself.
"We've investigated claims of Twitter @names and passwords available on the 'dark web,' and we're confident the information was not obtained from a hack of Twitter's servers," the company wrote.
"The purported Twitter @names and passwords may have been amassed from combining information from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both."
In an earlier statement, Twitter tried to reassure users, "In fact, we've been working to help keep accounts protected by checking our data against what's been shared from recent other password leaks."
It said Thursday evening that it has already reset the passwords and sent email notifications to any users whose credentials were compromised.
Over a week ago, LeakedSource reported that more than 360 million records from MySpace were obtained from a hacking incident in 2013. The website has also reported that data from 167 million LinkedIn accounts were also affected from a prior hacking incident.
In recent days a number of high-profile Twitter accounts have been hijacked, including those belonging to Facebook CEO Mark Zuckerberg, reality star Kylie Jenner, and musicians Keith Richards, Drake and Tenacious D. On Tuesday, hackers briefly took over the official NFL Twitter account and falsely announced that commissioner Roger Goodell had died.
It is unclear whether the same hackers were responsible in all those cases.