What to do when your Twitter account gets hacked?

Spread the love
No entry to my account

No access


9 things to do NOW!

While I slept soundly during the night of January 21 to 22, 2012, my Twitter account got hacked.

I woke up Sunday morning to a slew of warnings from followers (thank you) and panicky emails. That’s the rub with getting an account hacked or pirated: usually you don’t even know about it unless someone tells you.

Act quickly to stop propagation

1: Change your Twitter password

2: Review the applications that interact with your Twitter account and unauthorize those you don’t know or don’t use often. If you are curious about new apps, you’ve probably approved many services to see what they offer and forgotten about it if you’ve not used them. It’s time to clean up!

3: Change the passwords for the applications you wish to keep linked to Twitter and reauthorize their interaction.

4: To be on the safe side, change all your social media passwords (LinkedIn, Viadeo, FB and so on) as well as your administrator access codes to your Web site and blog.

Deep clean your system

5: Clean out your browser’s on-line and off-line cache (if you don’t do it daily as you should!)

6: Again, better safe than sorry, run a thorough check on your PC. I use Kaspersky Pure, which is one of the most powerful and reliable ones on the market. A fully-functional 30-day trial is available for download. Checking my PC (complete analysis + object analysis) took the better part of Sunday. My PC was clean, but now I’m sure. Time well spent.

Everything returned to normal quickly, save that I was unable to send or respond to Direct Messages (DM). From the list of sent DMs, it didn’t seem like my hacker had annoyed more than 45 of my followers. False hope, apparently. Being blocked from sending DMs suggested that he indeed had reached the 250 per day limit. Monday morning, all services were restored.

Restore trust

Just because folks know these things happen (and probably already happened to them – or will!) doesn’t mean your ereputation hasn’t been affected. You need to restore your followers’ trust – in you, your Tweets and their links and in your network security measures.

7: Respond to every Tweet or email you’ve received warning you of the problem or asking if you are really behind that strange DM. If you can’t DM them back, post a public Tweet. This will help warn others and show you are taking care of the problem.

8: Start interacting again normally as soon as you’ve secured your accounts and are sure nothing strange is lurking on your PC.

9: Blog about it. Making as many as possible aware of the risks, how to prevent them and how to solve them will help stem propagation and make it tougher for hackers to get their jollies.

My take-away to myself

Thou shall not skip your monthly password changing routine, no matter what (holidays are not an excuse).

Thou shall not click on any links while using HootSuite on your cell phone outside in the cold  because your cold fingers touch the wrong link.

Thou shall test new apps, but remove their authorization promptly if you don’t use them.


Thanks, everyone, for your warnings and may this post help others stay safe!

Please share it!


Tags: , , , ,

Comments: 3

(comments are closed)

  • Very sound advice by @lokahiandquill on what to do if your Twitter account gets hacked! http://t.co/6YqTnIyj http://t.co/mMbvpwiv

  • This is, I’m sure, great advice but – at the risk of sounding like a total Luddite – I don’t know how to do most of the things you recommend. OK, yes, I can change passwords (and do, occasionally, though almost certainly not as often as I should), but I don’t even know what the “on-line and off-line” caches ARE, let alone how to “clear” them; I also don’t really know how to “review the apps” (though to be honest, I don’t have a smartphone and don’t have many apps, apart from a couple of reliable ones on my FB page) and (God, I’m so embarrassed at my lack of tech-savviness) I have no idea how to change administrator access codes for my blog… Am I a total lost cause?! (My computer is “scanned” daily, I have a firewall and anti-virus whatnot, I do regular backups, so I’m not TOTALLY without hope I guess…!)

    • Hi Kirsty,
      Relax, we all have to learn sometime – and a problem is often the best motivation! To answer (most of) your questions:
      1. Cache: In Firefox (which is what I use), go to Tools > Options > Advanced. The lower of the two boxes is about your off-line cache. Click the box on the right hand side that says “clear now”. For your on-line cache, go to Tools > Options > Privacy and check the box that says “Clear history when FF closes”. A few times a day, you can also clear your recent history (Tools > Options > Clear recent history). There are similar menus in other browsers.
      2. To review the apps that you’ve authorized to interact with your Twitter account, go to your account (upper right hand corner of the screen) > settings > applications. If there are some in there you don’t know or done use, revoke their authorization. For those you keep, go to each, change their password and reauthorize their interaction with your Twitter account.
      3. I don’t know what platform you are using for your blog, but you should have account settings where you can change your log-in and password.

      Hope this helps!