It's not entirely clear that this is the massive user data breach it was made out to be when first revealed.
A quick scan of the Pastebin dump (hell yeah, I checked for my own) shows that many of the listed accounts appear to be duplicates, and/or spambots or suspended accounts.
Further, the passwords are "stronger" than average: this link shows seemingly random alphanumeric strings, mixed case, 8 characters every single one. Wonder what the real story is.
If in doubt about your own account, you can always update your password.
Re: Allegedly exposed credentials: We're looking into the situation and have pushed out password resets to potentially affected accounts.— Twitter Comms (@twittercomms) May 9, 2012
The list of alleged accounts & passwords consists of more than 20,000 duplicates. Also suspended spam accounts & incorrect login credentials— Twitter Comms (@twittercomms) May 9, 2012