Dealing with a hacked Twitter (rebranded as “X”) account can be frustrating.
But hey, don’t freak out if it happens to you.
From A-listers like Taylor Swift and Mariah Carey to superstar sports franchises, hacks on Twitter are actually more common than you might think.
— Dov Kleiman (@NFL_DovKleiman) January 27, 2020
That said, you shouldn’t treat hacks like business as usual.
Security snafus are bad for your online reputation. Nobody wants to have to do damage control or potentially lose access to their account, either.
The good news, though? There are relatively simple steps you take to beef up your Twitter security and give yourself some much-needed peace of mind.
This quick guide breaks down how to handle a hacked Twitter account and prevent security issues in the future.
“How do I know if my Twitter was hacked?”
Hey, good question.
While oftentimes it’s clear that your account’s been hacked, sometimes suspicious activity can fly under the radar.
Below are some tell-tale signs you’ve had your Twitter hacked.
Unauthorized or inappropriate tweets
Arguably the most obvious sign that something’s up is if your account is publishing posts that you didn’t write yourself.
For example, let’s look back to when Twitter’s own Jack Dorsey’s was hacked. It was pretty obvious that these seemingly random, off-the-cuff tweets weren’t from Jack himself.
Inappropriate messages and shout-outs are often trademarks of hackers looking to stir up trouble. Case-in-point, FC Barcelona’s Twitter hack resulted in a push to get the #FCBHack tag trending in addition to announcing fake player signings.
If your account seemingly goes rogue and begins publishing content you weren’t responsible for, there’s a non-zero chance you’ve had your Twitter account hacked.
Strange messages, follower activity or app activity
As noted, compromised accounts aren’t always obvious.
For example, consider actions that a hacker could take which might take a few hours or days to come to your attention such as:
- Sending unauthorized DMs
- Mass following or unfollowing Twitter accounts
- Blocking other Twitter users
- Authorizing third-party apps that you didn’t connect yourself
This speaks to the importance of regularly logging into your Twitter account and paying attention to notification from the platform.
Unexpected activity notifications
Twitter has measures in place to help users identify suspicious logins that might result in hacks.
For example, Twitter automatically gives you a heads up via email when there’s a login from a new device or location. You’ll receive similar notifications if your account is deemed compromised or otherwise violates the platform’s rules while hacked.
By moving swiftly on activity notifications, you can resolve your hacked Twitter account before the situation spirals beyond your control.
“Okay, I’ve had my Twitter hacked. Now what?”
Let’s say your account is compromised.
Again, don’t panic. The key here is to move quickly and go through the following steps.
Change your Twitter password ASAP
Perhaps the most obvious action to take, it pays to be vigilant when it comes to your password(s). If you think you’ve been hacked, you should change yours immediately.
As a side note, it’s likewise a good idea to confirm that your email account isn’t compromised as well. Ensure that your Twitter account is still linked to an appropriate email address and change the passwords to both to be safe.
Double-check your app access and recent sessions
Assuming you have access to your account, it’s time to look at your third-party apps and recent logins (“Settings and Privacy -> “Data and Permissions” -> “Apps and settings”).
Revoke access to any apps that you don’t recognize. The same rings true for any outdated apps that you’re not using anymore.
Conveniently, your recent login history is located right within your Twitter app. Here you can see if your account was accessed from an unfamiliar location or device.
To be safe, it’s also a good idea to use this screen to log out of all of your Twitter sessions whether they be mobile or desktop. You can then log back in with your new, secure password.
Once you’re back into your account, double-check your recent tweets, DMs and follower list(s) to make sure everything is back to normal before resuming your use of Twitter.
Get in touch with Twitter yourself
If you’re locked out as the result of a hack, you can restore Twitter account access directly through the platform.
You can likewise contact @TwitterSupport to report any issues, although it may require some time and back-and-forth to get a response or resolution.
“Do I need to let my followers know I had my Twitter hacked?”
The short answer? It depends, but we’re going to err on the side of “probably.”
Sure, apologizing on social media can be tricky. Maybe you’re embarrassed or don’t want to draw attention to a security slip up.
However, an apology is warranted if a hack resulted in any combination of the following:
- Spam links that your followed may have clicked
- Unsolicited DMs
- Inappropriate, offensive or off-brand Tweets
When in doubt, give your followers a heads up even if you aren’t 100% sure that you’ve been hacked. Chances are your followers will appreciate the transparency.
If you got this push, do not click or email the address listed. It is not affiliated with WAFB, and appears to be part of a hacking group known for targeting celebs and media sites to promote their own security programs. We are working to sort this out. pic.twitter.com/yWfSsXndGI
— Elizabeth Vowell (@ElizabethWAFB) May 18, 2020
Examples of good apologies following a hacked Twitter account
Let’s quickly look at some example Twitter apologies for reference.
Hey everyone, I was hacked as I’m sure everyone knows. What a bummer that someone would go to such great lengths to spread hate. I want to apologize for the horrible comments that were posted, it was deeply upsetting to me. Much love to you all in these crazy times.
— Joe Keery (@joe_keery) April 21, 2020
Well, we were hacked. And it wasn’t funny. We apologize for the awful posts, which obviously did not come from us.
— Buffalo Wild Wings (@BWWings) June 2, 2018
Apologies that our account was compromised this morning. We're back in the game & ready for the Pro Bowl. 🐻⬇️
— Chicago Bears (@ChicagoBears) January 26, 2020
The common thread between these apologies?
They’re concise, thoughtful and personable.
Assuming nobody in your business was responsible for the hack or highly offensive content, apologizing doesn’t have to be lengthy or complicated. Your end-goal here is to address the issue and move on.
Considering how quickly content pushes through Twitter, your followers probably won’t dwell on it anyhow.
How to prevent a hacked Twitter account in the future
Whether you’ve been hacked or just want to avoid a potential headache in the future, we’ve got you covered.
Below are some proactive ways to avoid a hacked Twitter account in the future. If nothing else, these are all solid social media security standards that should apply to your accounts beyond Twitter as well.
Enable two-factor authentication
If you haven’t already, enable two-factor authentication on your Twitter account (“Settings and Privacy -> “Login and security” -> “Security”).
This requires a secondary verification of new logins to your account via email or the Twitter app. Think of two-factor as a second line of defense between your account and a potential hack.
Setting up two-factor authentication only takes a minute or two and is arguably one the best avoids to avoid a hacked Twitter.
Pick a stronger password (and keep it secure)
There’s plenty of debate over what constitutes a “good” password, but conventional wisdom says to stick to the following principles:
- The longer, the better
- Use a combination of lowercase and uppercase letters, symbols and numbers
- Use strings of uncommon words or phrases
You can also use a tool such as a password security checker (this one is powered by Dashlane) to see how long it would theoretically take yours to get cracked by a computer.
Be selective about who has access to your Twitter account
In short, don’t provide access to your Twitter to anyone and everyone.
If you’re using your Twitter for business, you should have ideally a process for deciding who gets access to your account. Careless logins can result in hacks, after all.
Using a publishing tool like Sprout Social, you can pick and choose permissions for social media users on your shared account.
Don’t click on weird links or suspicious DMs
This might seem like a no-brainer but it bears repeating.
See a DM from an account you don’t recognize? Don’t click any links in it. It’s that simple.
This is especially true if you see a shortened link Bitly link with an unknown destination (think: https://bit.ly/3gvqFB7). Be suspicious of any messages that you don’t recognize and use other means of communication such as email to confirm that people are who they claim to be.
Retrieved my Twitter account which was hacked by someone sending me a Whatsapp message purportedly from Instagram saying my content has violated copyright He sent me a link and asked me to follow..The idiot in me went in and typed out my Twitter password instead . Twitter hacked pic.twitter.com/SXtpWuxLqN
— Srinivas singer (@singersrinivas) October 12, 2019
Monitor your Twitter activity regularly
By keeping an eye on your Twitter activity, you can spot hacks and potential trouble early on.
For example, spikes in activities such as new messages, lost or new followers and a storm of new tweets can signal trouble.
This is where tools such as Twitter analytics and reporting can be helpful. In addition to making sure that your account is engaged and growing, Sprout can clue you in on anomalies in your day-to-day activity.
And with that, we wrap up our guide!
Do you know how to handle a hacked Twitter account?
Although you shouldn’t live in fear of having your Twitter hacked, you should be prepared with knowing how to protect and get your account back to normal.
The tips above are both straightforward and proactive for personal accounts and businesses alike.
In a day and age dominated by security concerns and data breaches, shoring up your social media security makes sense. And hey, so does knowing how to tackle a potential social media crisis.
If you haven’t already, make sure to check out our guide to social media crisis management to empower your team to plan and prepare for any sort of dilemma via social such as a hacked account.
Use of Twitter nomenclature across Sprout refers to newly rebranded X platform and related terminology.
10 Twitter automation tools for your brand in 2024Published on November 22, 2023 Reading time 7 minutes
How to create a Twitter marketing strategy for your brandPublished on September 8, 2023 Reading time 11 minutes
How to use Twitter advanced search to get more leads for your brandPublished on July 24, 2023 Reading time 8 minutes
Twitter analytics: How to analyze and improve your Twitter dataPublished on July 18, 2023 Reading time 11 minutes