Stealing passwords is brutally retro: Twitter has a fully supported mechanism for the delegation of certain powers, to be carried out as though by the user, without any password sharing. Facebook and friends, most of the 'social' world have equivalents of various flavors.
Architecturally, I'm sympathetic. Secure capabilities delegation is absurdly superior to password sharing, and has legitimate and necessary uses (y hello thar sudo, we were just talking about you...); but realistically it has always made the hairs on the back of my neck rise a bit in the context of 'social media' services, whose primary purposes (in the hands of 3rd parties, who would be the access delegates) are almost invariably spam, data-mining, and the occasional splashy humiliation/character assassination of the account-holder. The fact that those miserable abhumans at Zynga made very, very, heavy use of these delegation capabilities in promoting Farmville and its vile ilk probably don't help my feelings on the subject.
TL;DR: It almost certainly wasn't a password breach, it's a capability that 'social' companies (especially the starving ones with minimal revenue models, like, oh, Twitter) almost invariably have, largely for the benefit of their real customers, and no, nobody will learn anything.