Dealing with a hacked Twitter (rebranded as “X”) account can be frustrating.

But hey, don’t freak out if it happens to you.

From A-listers like Taylor Swift and Mariah Carey to superstar sports franchises, hacks on Twitter are actually more common than you might think.

That said, you shouldn’t treat hacks like business as usual.

Security snafus are bad for your online reputation. Nobody wants to have to do damage control or potentially lose access to their account, either.

The good news, though? There are relatively simple steps you take to beef up your Twitter security and give yourself some much-needed peace of mind.

This quick guide breaks down how to handle a hacked Twitter account and prevent security issues in the future.

“How do I know if my Twitter was hacked?”

Hey, good question.

While oftentimes it’s clear that your account’s been hacked, sometimes suspicious activity can fly under the radar.

Below are some tell-tale signs you’ve had your Twitter hacked.

Unauthorized or inappropriate tweets

Arguably the most obvious sign that something’s up is if your account is publishing posts that you didn’t write yourself.

For example, let’s look back to when Twitter’s own Jack Dorsey’s was hacked. It was pretty obvious that these seemingly random, off-the-cuff tweets weren’t from Jack himself.

jack dorsey hacked twitter account

Inappropriate messages and shout-outs are often trademarks of hackers looking to stir up trouble. Case-in-point, FC Barcelona’s Twitter hack resulted in a push to get the #FCBHack tag trending in addition to announcing fake player signings.

FC Barcelona hacked Twitter account

If your account seemingly goes rogue and begins publishing content you weren’t responsible for, there’s a non-zero chance you’ve had your Twitter account hacked.

Strange messages, follower activity or app activity

As noted, compromised accounts aren’t always obvious.

For example, consider actions that a hacker could take which might take a few hours or days to come to your attention such as:

  • Sending unauthorized DMs
  • Mass following or unfollowing Twitter accounts
  • Blocking other Twitter users
  • Authorizing third-party apps that you didn’t connect yourself

This speaks to the importance of regularly logging into your Twitter account and paying attention to notification from the platform.

Unexpected activity notifications

Twitter has measures in place to help users identify suspicious logins that might result in hacks.

For example, Twitter automatically gives you a heads up via email when there’s a login from a new device or location. You’ll receive similar notifications if your account is deemed compromised or otherwise violates the platform’s rules while hacked.

potential hacked twitter account notification

By moving swiftly on activity notifications, you can resolve your hacked Twitter account before the situation spirals beyond your control.

“Okay, I’ve had my Twitter hacked. Now what?”

Let’s say your account is compromised.

Again, don’t panic. The key here is to move quickly and go through the following steps.

Change your Twitter password ASAP

Perhaps the most obvious action to take, it pays to be vigilant when it comes to your password(s). If you think you’ve been hacked, you should change yours immediately.

As a side note, it’s likewise a good idea to confirm that your email account isn’t compromised as well. Ensure that your Twitter account is still linked to an appropriate email address and change the passwords to both to be safe.

Double-check your app access and recent sessions

Assuming you have access to your account, it’s time to look at your third-party apps and recent logins (“Settings and Privacy -> “Data and Permissions” -> “Apps and settings”).

Revoke access to any apps that you don’t recognize. The same rings true for any outdated apps that you’re not using anymore.

You can verify third party apps connected to your Twitter app to avoid hacks

Conveniently, your recent login history is located right within your Twitter app. Here you can see if your account was accessed from an unfamiliar location or device.

To be safe, it’s also a good idea to use this screen to log out of all of your Twitter sessions whether they be mobile or desktop. You can then log back in with your new, secure password.

 

Twitter sessions

Once you’re back into your account, double-check your recent tweets, DMs and follower list(s) to make sure everything is back to normal before resuming your use of Twitter.

Get in touch with Twitter yourself

If you’re locked out as the result of a hack, you can restore Twitter account access directly through the platform.

You can likewise contact @TwitterSupport to report any issues, although it may require some time and back-and-forth to get a response or resolution.

“Do I need to let my followers know I had my Twitter hacked?”

The short answer? It depends, but we’re going to err on the side of “probably.”

Sure, apologizing on social media can be tricky. Maybe you’re embarrassed or don’t want to draw attention to a security slip up.

However, an apology is warranted if a hack resulted in any combination of the following:

  • Spam links that your followed may have clicked
  • Unsolicited DMs
  • Inappropriate, offensive or off-brand Tweets

When in doubt, give your followers a heads up even if you aren’t 100% sure that you’ve been hacked. Chances are your followers will appreciate the transparency.

Examples of good apologies following a hacked Twitter account

Let’s quickly look at some example Twitter apologies for reference.

The common thread between these apologies?

They’re concise, thoughtful and personable.

Assuming nobody in your business was responsible for the hack or highly offensive content, apologizing doesn’t have to be lengthy or complicated. Your end-goal here is to address the issue and move on.

Considering how quickly content pushes through Twitter, your followers probably won’t dwell on it anyhow.

How to prevent a hacked Twitter account in the future

Whether you’ve been hacked or just want to avoid a potential headache in the future, we’ve got you covered.

Below are some proactive ways to avoid a hacked Twitter account in the future. If nothing else, these are all solid social media security standards that should apply to your accounts beyond Twitter as well.

Enable two-factor authentication

If you haven’t already, enable two-factor authentication on your Twitter account (“Settings and Privacy -> “Login and security” -> “Security”).

twitter two factor authentication can help you avoid a hacked twitter account

This requires a secondary verification of new logins to your account via email or the Twitter app. Think of two-factor as a second line of defense between your account and a potential hack.

Twitter two factor authentication can help avoid any future hacks

Setting up two-factor authentication only takes a minute or two and is arguably one the best avoids to avoid a hacked Twitter.

Pick a stronger password (and keep it secure)

There’s plenty of debate over what constitutes a “good” password, but conventional wisdom says to stick to the following principles:

  • The longer, the better
  • Use a combination of lowercase and uppercase letters, symbols and numbers
  • Use strings of uncommon words or phrases

You can also use a tool such as a password security checker (this one is powered by Dashlane) to see how long it would theoretically take yours to get cracked by a computer.

an example of creating a secure password

Be selective about who has access to your Twitter account

In short, don’t provide access to your Twitter to anyone and everyone.

If you’re using your Twitter for business, you should have ideally a process for deciding who gets access to your account. Careless logins can result in hacks, after all.

Using a publishing tool like Sprout Social, you can pick and choose permissions for social media users on your shared account.

limiting permissions to users on your accounts in platforms like Sprout Social can help you avoid a hacked Twitter account

Don’t click on weird links or suspicious DMs

This might seem like a no-brainer but it bears repeating.

See a DM from an account you don’t recognize? Don’t click any links in it. It’s that simple.

This is especially true if you see a shortened link Bitly link with an unknown destination (think: https://bit.ly/3gvqFB7). Be suspicious of any messages that you don’t recognize and use other means of communication such as email to confirm that people are who they claim to be.

Monitor your Twitter activity regularly

By keeping an eye on your Twitter activity, you can spot hacks and potential trouble early on.

For example, spikes in activities such as new messages, lost or new followers and a storm of new tweets can signal trouble.

This is where tools such as Twitter analytics and reporting can be helpful. In addition to making sure that your account is engaged and growing, Sprout can clue you in on anomalies in your day-to-day activity.

 

Sprout Social Twitter report

And with that, we wrap up our guide!

Do you know how to handle a hacked Twitter account?

Although you shouldn’t live in fear of having your Twitter hacked, you should be prepared with knowing how to protect and get your account back to normal.

The tips above are both straightforward and proactive for personal accounts and businesses alike.

In a day and age dominated by security concerns and data breaches, shoring up your social media security makes sense. And hey, so does knowing how to tackle a potential social media crisis.

If you haven’t already, make sure to check out our guide to social media crisis management to empower your team to plan and prepare for any sort of dilemma via social such as a hacked account.

Use of Twitter nomenclature across Sprout refers to newly rebranded X platform and related terminology.