My Twitter account was recently hijacked using what I believe is either a vulnerability or exploit within Twitter. My username was one that I consider to be somewhat sought after (I had offers to sell it).
I am not able to contact anyone at Twitter support. The Twitter support platform is just automated steps that do not help in any way.
My followers, tweets, and most importantly the connections I’ve made are gone. Simply vanished. My e-mail address is no longer associated with a Twitter account. I found a user on HN who had a similar issue [0] but my mobile device wasn’t hacked.
Here’s what I know:
I received an e-mail from Twitter stating that my e-mail address was changed. Prior to this I did not receive anything else from Twitter - no login notice, no two-factor authentication code, etc…
My Twitter password is/was 64 characters and is stored in KeePass. I had two-factor auth enabled on my account which was linked to my mobile. I retain sole access to all of my devices and that e-mail address. As far as I know, nothing that I own has been compromised.
Whoever has control of my Twitter account joined Twitter in May of 2019. I suspect they may have bypassed the existing username restriction during registration.
I’ve opened multiple support requests with Twitter. All of those have been closed. I submitted a bug bounty report on Twitter’s HackerOne page [1] but it was promptly closed citing no access to individual accounts.
I reached out to some current and former employees via Twitter and only had one response from a former employee. I also reached out to a few Twitter employees via e-mail to no avail.
I’m hoping that someone here might be able to at least offer me some advice. I doubt I’ll ever see my account again but figured this was worth a shot. Thank you for your time.
Scott
[0] - https://medium.com/@simon/mobile-twitter-hacked-please-help-2f65c691edf8
[1] - https://hackerone.com/twitter