Twitter hacked: here’s how to protect your account

Experts share some tips to help you secure your Twitter profile

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Among shocking internal revelations about its content moderation practices and massive data breaches, it’s pretty hard for Twitter to stay out of the public eye.

The culprit, this time, is last week’s cyberattack which saw over200 million of Twitter users' loginsbeing compromised. Specifically, email addresses used to set up accounts were stolen and given away for free on a hacker forum.

That’s especially concerning for those sensitive users who might regularly use security tools like thebest VPNservices and think they have their online anonymity effectively protected.

The latest events certainly aren’t the first – nor the worst – instance of the bird icon getting caught up in such a worrying data breach.Twitter’s security flawshave indeed long predated Elon Musk’s takeover.

However, similar incidents could arguably increase in the near future, seeing the dramatic wave of layoffs that has followed the new management.

That’s why some privacy experts have shared with TechRadar some useful tips to help you better protect your Twitter profile. Here’s what they say.

Twitter database leaks for free with 235,000,000 records.The database contains 235,000,000 unique records of Twitter users and their email addresses and will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.This is one of the most significant leaks ever. pic.twitter.com/kxRY605qMZJanuary 4, 2023

Twitter leaks - what’s at stake for users?

“The leaking of more than 200 million Twitter users’ email addresses is a serious and dangerous cybersecurity breach, which could potentially lead to further sensitive information being accessed by the perpetrators,” said Ceri Shaw, Chief Delivery Officer at Scotland’s digital skills academyCodeClan.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

These stolen email addresses might be used totarget victims in larger phishing campaigns, for example.Phishing attackshave indeed been on the rise over the last few years.

Doxxing, the act of publishing private and identifying information about a specific individual online, is another huge risk of such a significant leak - according to cyber-crime information companyHudson Rock.

Legal Director of UK data breach solicitors firmHayes Connoralso believes that the hacked accounts might be more likely to sufferidentity theft,credit scamsas well asbank or financial fraud.

Twitter’s security issues long predate Elon Musk - but now they’re snowballing>Discover why it’s time to dig up Mastodon>Our pick of the best privacy tools around right now

Money, privacy and reputation aren’t the only things at stake for users, though.

Having such personal data publicly exposed might also lead tohigher emotional distressandanxiety. All this could then provoke a longer lasting impact on overall victims' mental health.

“The news about one of the largest data leaks of all time is extremely alarming, especially one of this scale,” explained Forrest.

“The public puts a lot of trust in social media platforms such as Twitter, with the expectation that their data is going to be handled securely. It is concerning that Twitter are yet to comment considering how many people may be affected.”

How to protect your Twitter account

Whether you’re worried that your personal information has been leaked, or securing your Twitter profile for future data breaches is what you’re after, there are some actions that you should take right now to secure your most sensitive data.

Firstly, you should find out if your data has been compromised via sites likehaveibeenpwned.com.

Hayes Connor’s lawyers advise victims tobe aware of fraudulent emails, texts and callsas these are likely to be phishing scams. They also recommend not giving away any personal data nor clicking on links.

You should also consider contacting your bank to check for any suspicious activities. Likewise, experts recommend initiating a fraud alert with your credit company.

Shaw from CodeClan also said tolookout for any suspicious activitieslike password reset emails, unusual pop-ups on their device and targeted phishing emails. If that’s the case, you really shouldgo over your security settingsandupdate your passwordswith combinations difficult to guess as soon as possible.

“Passwords should use a combination of special characters, letters and numbers and should have no relevance to any of your personal information,” explained Shaw, advising to get one of thebest password managertools to help you create and manage more secure login details over time.

“Looking ahead, Twitter needs to thoroughly investigate how this was allowed to happen and implement measures to ensure the impact of any possible future cybersecurity breaches is minimized.”

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up.She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption