My Twitter Account was hijacked

Posted By on November 14, 2009


Rather frustrating, but it happens – my @RichC Twitter account was hijacked and direct message bombarded with a bogus link to those who are following. After logging in and changing my password and eliminating the three connections that I had registered with, I’m hoping things will return to normal? We’ll see, but for now it looks as if the login attempt to my account may have stopped and that Twitter servers have locked out any attempts to log back in … including my attempt to log back in?

Anyway, here is Twitter’s advice if this happens to you.

If you’re still able to log in to your account, immediately do the following:

  1. Log out of Twitter immediately (this will invalidate the session cookie).
  2. Clear your browser cache and exit your browser completely (this will stop suspicious or unwanted programs that may be running in the background of your browser).
  3. Open a new browser window and log in to Twitter. Then, immediately change your password. You can also use the Twitter password reset feature to set a new password before logging in again. 
  4. Visit your settings page and check your Connections. Revoke access for any third-party application that you don’t recognize.


Your account should be ok, but please submit a support request and include any statuses that weren’t posted by you in the body of the request. If you can record the link of the status update before deleting it (click on the time the tweet was posted) and send us that link, even better!

Finally, be sure to update your password in all of your third party applications as well. If a third party application (like Facebook, Twitterrific, Twhirl, etc.) is trying to use your old password to access your tweets, it will lock you out of your account!

If you’re NOT able to log in to your account, try to reset your password first. If you still can’t get in, contact Support. Try submitting a support request through our online form. If you can’t access that form, you’ll be redirected to a Twitter login page. Click the link in the bottom-right corner of that page (it says "No account? Can’t login?"). This link will enable you to email support directly. Please send your email from the email address associated with your Twitter account, and include the following information:

  • Your Twitter username
  • Phone number associated with your Twitter account (if applicable)
  • The welcome email that was sent you when you created your account (if you can find it)
  • Any notifications you’ve recently received (follow, direct message, etc.)
  • A list of a few friends you’ve recently direct messaged, or who’ve recently messaged you
  • An old IM address you verified, if you had an account when Twitter allowed updating via IM

This information will help us confirm your identity as the account owner.


Desultory - des-uhl-tawr-ee, -tohr-ee

  1. lacking in consistency, constancy, or visible order, disconnected; fitful: desultory conversation.
  2. digressing from or unconnected with the main subject; random: a desultory remark.
Do NOT follow this link or you will be banned from the site!