For anyone that often allows oauth to authorize a site to access their Twitter profile, you might just want to stop doing that for now. That is until Twitter does a better job of locking down direct messages.
We became aware of the issue early this morning.
The scary thing is this could be happening to your account right now and all your DM’s could be emailed to the site owners for list building purposes.
Without a doubt, this will become even more of a widespread problem as it is becomes more of a public issue.