No security risk?
On first reading, it seems that there isn't an issue. Potentially usernames and passwords were leaked (though salted, and emphasis on "potentially"), which has no bearing on the tokens used by the Twitter API which uses, in effect, a unique one-time password that exists between client and server.
The only criticism is that some affected users wouldn't know they'd been affected, but the only risk to them would be if they shared passwords across different services.