If you got a weird message from Twitter the other day asking you to change your password, you weren’t the only one. All 330 million users were advised to update their passwords last Friday after a lapse in Twitter’s security occurred.

The bug resulted in login details being stored as readable text on an internal computer system instead of being properly encrypted. Although not all users were affected, a “substantial” amount were, with the passwords being left unprotected for multiple months until the issue was discovered a few weeks ago.

Twitter says that the issue has now been resolved, and no data found its way into the wrong hands. However, users should still change their passwords as a precaution. Chief executive Jack Dorsey tweeted:

We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password.

It may not be as bad as the Facebook Cambridge Analytica scandal, but the security error still doesn’t look good for Twitter.