How to Recover From a Twitter Hack

Tuesday's hacking of the Associated Press' Twitter account is the latest in a number of high-profile social media hijackings.

According to the AP, its Twitter account suffered a phishing attack, which allowed a hacker to publish a tweet that read "Breaking: Two Explosions in the White house and Barack Obama is injured." The tweet, which was sent out just after 1 p.m. EST, panicked Twitter users and caused the Dow Jones Industrial Average to drop 143 points.

Eric Johnson, professor and director of the Center for Digital Strategies at Dartmouth College's Tuck School, says that these types of hacks have become all too common. This year alone, NPR, the BBC, Burger King and Jeep have all had social media accounts compromised.

"Phishing is the most common method used to break into Twitter and steal credentials. They're extremely simple hacks that can cause extreme havoc," Johnson says. "It only takes one simple hack to create a world of problems."

If you or your business falls victim to a social media hack, here are four things you should do to recover from it and ensure it doesn't happen again.

1. Regain Control of Your Account

If your Twitter account has been compromised, the first thing you need to do is change your password immediately, Johnson says. Do this by clicking on the gear icon in the top-right of your screen and selecting Settings. Click "Password" from the menu on the left and enter your new password.

If your account has been suspended because Twitter suspects you were hacked, visit to fill out a form that will help you regain access.

Because third-party apps that have access to your Twitter account can be the reason your account was compromised, Johnson recommends reviewing the list of apps with access and removing any unnecessary applications.

To see which apps have access to your account, visit your Settings page and click "Apps" from the menu on the left. Revoke access to applications you are unfamiliar with or are no longer using.

2. Delete Posts and Inform Your Audience

Once you've regained control of your account, remove the tweets that the hacker posted. Do this by navigating to your profile, hovering over the offending tweet and clicking "Delete."

Johnson says it's also important to inform your stakeholders of the situation to let them know what happened and that it's under control.

"Time is of the essence. Be sure to rebroadcast the issue on every channel available to you," he says. "Post a message on your website's homepage, tweet it, post it on Facebook and other social media sites. This ensures they know about the problem and it reduces the damage."

3. Review Your Social Media Process

Johnson says that because social media can feel both familiar and simple, users in charge of maintaining an account can be lulled into a false sense of security. This is why after an incident, or at any other time, it's a good idea to review and amend your processes for and use of sites such as Twitter.

"Setting up a process for using social media may seem contrary since it should be raw and transparent, but when you're representing a company, it pays to think about what the process around it looks like," Johnson says.

Start by involving your chief security officer or chief privacy officer in a conversation to examine procedures and to look for areas in which you can improve, he suggests.

For example, Johnson says: "Because there are people associated with these tweets, if a hacker can figure out who's tweeting (their email address, for example), they can figure out how to phish."

4. Preach and Teach Online Safety

Johnson says that anyone who is involved in a business' social media efforts should receive training not only on how to use it effectively, but on the security risks and how to recognize them.

"Phishing attacks are easy to see through if you take the time and know what you're looking for," he says. "These sorts of things are trainable."

Kristin Burnham covers consumer technology, social networking and social business. Follow Kristin on Twitter @kmburnham.
