Join 3,551 readers in helping fund MetaFilter (Hide)


Twitter Crisis - can anything be done?
August 9, 2014 6:23 PM   Subscribe

Our shared Twitter account was recently hijacked by a member. Passwords changed. Everyone kicked off. Can Twitter do anything about this or are we screwed?

Our activist group has collectively run a shared Twitter account through Hootsuite for several years. Recently, an aggrieved password holder has usurped the account and taken sole control. We had three password holders for security measures but this was apparently not enough.

Everyone else is completely locked out. All passwords, backup emails, and phone numbers have been changed in both hootsuite and twitter.

This individual has no legitimate claim to ownership. But neither does anyone else. The account has always been run as a collective. We do have internal procedural documents and public tweets dating back years that will attest to the account's collective management.

Twitter's I've Been Hacked! page isn't much use. It's not "my" account and the contact info has been changed. The impersonation page seems to be our best bet.

Is there anything to be done to get this account back in the hands of the group? Will an appeal to Twitter be any help at all? 273 million users and rampant hacking make me thing it will be while before we get a response, if ever.

Any help, advice, tips, tricks, or sympathy would be greatly appreciated.
posted by willie11 to Technology (7 answers total) 1 user marked this as a favorite
 
Contact support. Make it sound like it was your account you were sharing if it comes up at all. It really helps if you control the old email address. In the future, have only the most trusted user (you?) control the account and the email.
posted by michaelh at 6:56 PM on August 9


To me it looks like it may be against the twitter TOS to have been using it in the way you have been. IANAL. You may be able to get the hijacked account shut down. Start a new account in a manor compliant with the TOS. Getting a legal framework for your collective may help with this sort of thing in the future.
posted by Sophont at 7:41 PM on August 9


It's pretty common for organizations (non-profits, companies, etc.) to have multiple folks contributing to twitter accounts -- I would consider framing it like that in your appeal.
posted by kylej at 7:55 PM on August 9 [1 favorite]


Starting over is not an option in this case. Especially because the usurper in question has every intention of continuing to operate this account as if it was still a collective.

Hootsuite and other third party applications are made to supplement twitter's lack of native group tweeting functionality. From what I can tell, Twitter has not created formal policies about group accounts despite this being a fairly common practice now.
posted by willie11 at 8:35 PM on August 9


You need to get the account shut down. Tweet at them constantly, report them for spam, buy a promoted tweet telling everyone the account has been jacked. Attack them any way you can in public, legally of course, until you get them to give it back.
posted by Potomac Avenue at 8:57 PM on August 9 [2 favorites]


It's someone's account and that person is the originator. My sad neglected twitter was hijacked but they seem to maintain original information. Mine was hacked. I merely requested a password change and they sent it to my originating email account.

Whoever originated the account has ultimate rights via their email. If the hijacker was the originator then you are fucked.

I just checked mine to see if I could reset my password and recieved the following:

"We received a request to reset the password for your account, @vapidave.
If you made this request, click the button below. If you didn't make this request, you can ignore this email."

Keep in mind that the first time I did this was after it had been hacked and I was able to reassume control. The email address of the originator is the pivot point as near as I can tell.
posted by vapidave at 10:08 PM on August 9 [1 favorite]


The fact that this is a shared twitter account is likely going to make this difficult. I would suggest approaching this as if it were a sole-owner account and say that you got hacked. I believe that Twitter will keep track of the email addresses/phone numbers associated with the account in the past, which you should (hopefully) be able to use to prove "ownership", if necessary. I'd echo the sentiment above to paint you (or whoever has the email address used to open the account) as the "owner" of the account and that there was a rogue actor that hijacked it, rather than that you were lackadaisically sharing passwords (which is an internet security 101-level bad idea, IMHO) among the group.

Having said that, I'm not optimistic about your chances, and it's likely that the best you'll be able to hope for is getting the account shut down. If you do get it back by some miracle, or start over with a new account, take some time to draw up a plan to deal with this situation in the future.
posted by Aleyn at 12:39 AM on August 10


« Older I'm finally in Seattle. Yay! I...   |  I'm looking for the title/auth... Newer »

You are not logged in, either login or create an account to post comments