How to recover from a Twitter hack

When you’re a top prospect for the National Football League, as Laremy Tunsil is, just about the last thing you want tweeted from your verified Twitter account is a video of you wearing a gas mask and firing up a bong.

That’s exactly what happened last Thursday evening. Tunsil says his Twitter account was hacked and has acknowledged that the video was not fake. We don’t yet know who accessed his account.

We do know that social-media accounts are hacked on a stunningly regular basis. “Roughly 1.8 social accounts are breached every second,” says Evan Blair, co-founder of ZeroFox, a company that uses social-media data to detect and prevent attacks. Twitter account hacks, he adds, represent many of those breaches.

People who break into your Twitter account could do more than send some unsavory tweets. They could spread malicious software to your computer or phone. They could also change your account settings, including your password, and access personal information such as your address and date of birth. The more third-party apps you have linked to your Twitter account with the same password, the more personal information they could steal. And the more information they collect, the more likely they are to steal your identity.

If your Twitter account has been hacked, don’t abandon hope—or your account. Knowing what to do after a hack can help reduce the damage and protect you going forward.

“We have seen high-profile individuals, such as Twitter’s CFO, falling victim to a malicious link and losing access to their account,” Blair said. With 6 percent of all tweets spreading malicious links per day, according to a study from 2013 (PDF), Twitter hacks are a huge problem for everyday users.

Step 1: Being denied access to your account is a sure sign of trouble. If you can’t log in to your account, report it to Twitter immediately. Twitter will “lock your account, then try to remediate, restore, and return access to you,” says Nick Hayes, a Forrester Research analyst.

Step 2: However, if you can access your account, Twitter suggests starting with a password reset. Change your passwords for both Twitter and the email address associated with the account. Hayes recommends changing all account passwords simply because so many accounts are intertwined, and there is no way to know which information has been stolen.

After you’ve changed your password, you will receive a confirmation email and should be able to log in to your Twitter account again. If you can’t, submit a support request that specifies the issue as “hacked account.”

Step 3: When you log back in, click on “settings,” then “apps,” to manage which applications are linked to your account. Twitter recommends revoking access to all third-party apps to recover and protect your account. It also recommends changing your Twitter password on all of your devices and third-party applications. For example, if you’ve allowed Twitter to access your Instagram or Facebook accounts, you should change those account passwords as well.

Step 4: Make it harder to break into your account with “login verification,” also known as two-factor authentication. This feature requires additional confirmation, making access more difficult for hackers. Check out The Parallax’s guide to setting up two-factor authentication on Twitter, Apple, Google, Facebook, and other online services.

Step 5: Check your account settings to ensure that whoever broke in didn’t change them, or send tweets or direct messages without your knowledge. It’s especially important to make sure that the hacker(s) didn’t add a secondary email address to your Twitter account, thus enabling a password reset, says Michiel Prins, co-founder of security company HackerOne.

Step 6: Your account could be a means to an end. If a hacker is targeting your employer, you might have been a stepping stone. Even though it’s a personal account, alerting your employer’s IT or security department about the hack could prevent future damage, Hayes says.

Step 7: Run a virus scan on your computer. Through antivirus software, you can schedule automated scans that will look for suspicious changes to your computer system.

After you’ve recovered from the hack, read how to change your habits to keep your account secure. If any of your social-media accounts reveal your date of birth or relationship to others, that information can be compiled for a more targeted attack. Change your passwords often, don’t repeat passwords, and keep personal information private.