Twitter Hacks

7th Dec, 2021

Journal

It’s incredibly difficult to speak to a human in support on social media platforms.

From the platform’s perspective, it makes sense. They’re dealing with millions/billions of users: it’s impractical to have anything other than a self-service and automated support systems.

For users, this doesn’t matter when everything’s going smoothly, but what happens when something goes wrong? What happens if this account is critical for you business?

Recovering an account

This happened to a friend-of-a-friend recently. A mutual friend put us in touch after their Twitter account had been hacked.

In short, they had received an email to say their account had been accessed from a different country. By the time they tried to access the account, the email address, password and phone number had been changed.

I don’t know anyone at Twitter, nor do have any experience of recovering lost accounts, but I wanted to help. They had already tried multiple methods of reaching Twitter support with no luck.

This struck me as odd because Twitter would be able to see:

Login patterns/locations
That this person was emailing from the previously-associated email address
That the account email, password and phone number were all changed shortly after a login from a previously unused location

Nothing from Twitter’s support pages on hacked accounts seemed to help. At one point, Twitter’s systems even asked the hackee to login to their account and verify their ownership...

Template letter

In this case, the account was clearly attached to an individual: the photo was a headshot and the account username and name were that of the account holder. With this in mind, we decided that one approach would be to claim the account was an impersonation.

After some unsuccessful attempts, the account holder successfully regained access. The key was to pitch their support request around the fact that this account was representing their business (as a sole trader, but this should work for companies, too).

The account holder tried this after scouring the internet and finding a template letter similar to this (source currently unknown):

Dear Twitter Team,

Thank you for the quick response to my query regarding the official Twitter account of [NAME].

In answers to your questions:

Your username - [@USERNAME]

Any email addresses that may be associated with your account - [ACCOUNT EMAIL ADDRESS]

The last date you had access to your account - [DATE]

The phone number associated with the account (if you verified your phone number) - [PHONE NUMBER]

I am the sole representative of the business, [BUSINESS NAME], registered in the UK with HMRC.

The Twitter account [@USERNAME] was created [X] years ago and has been operated by me since then as the social media account for my business. Recently, someone maliciously acquired access to the account, changed the email address associated with it and also the password - on or around [DATE], which I think you will be able to see from your records.

Could I please request that you change the email address for the Twitter account back to [ACCOUNT EMAIL ADDRESS] so that I can recover the account and start using it as the business official Twitter account once more?

I hereby confirm that all the information provided above is true and accurate to the best of my knowledge.

If you have any questions, kindly contact me on this email or on [PHONE NUMBER].

With best wishes,

[NAME]

If you lose access to your Twitter account and it’s associated to your business, this could be a route to regain access.

Reply by email →