Want to know how to freak out your user base? Send an email to thousands of users saying that you reset their passwords because their account may or may not have gotten hacked. That's what Twitter did after it suffered a phishing attack in early November. The only problem? A large majority of people who received the emails weren't hacked. Twitter later apologized and admitted that it reset too many passwords and sent out too many emails. But, hey, better safe than sorry, right?
11. Twitter Resets Thousands of Passwords