It happened to me (and many others). It could happen to you.
So what happened?
Thankfully others had done their detective work while I was listening to podcasts at 30,000 feet. The message had been sent from my account (and many others) via a third-party app called Twitter Counter.
Twitter Counter requests read *and* write access to your Twitter account, in order to do its jiggery pokery counting your Twitter followers. I gave Twitter Counter access to my account in October 2014, and that clearly was a decision I now regret. Quite why it would need write access, unless it is planning its own self-promotion, I can't say.
The fact that a third-party app was used means that the hackers didn't have my Twitter password. Phew! It also meant, however, that they didn't have to try to bypass Twitter's Login Verification feature in order to tweet from mine and thousands of other Twitter users' accounts.
What should you do if you had your Twitter account hijacked in this way?
Delete the offending tweet, and revoke the offending third-party app's access to your Twitter account.
Learn more / En savoir plus / Mehr erfahren: