"Due to a bug, passwords were written to an internal log before completing the hashing process," Twitter explained in a blog post. "We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again."
Twitter say they don't believe "information ever left Twitter's systems or was misused by anyone," but recommends that users change their passwords and enable two factor authentication.
To change your password, visit Twitter's password reset page.