Skip to main content
Contact Us
  1. Help Center
  2. Security and hacked accounts
  3. Help with my compromised account

Help with my compromised account

If your account has been compromised but you're still able to log in, this page will help you secure your account and stop unwanted behaviors. 

 

Has my account been compromised?


Have you:

  • Noticed unexpected posts by your account
  • Seen unintended Direct Messages sent from your account
  • Observed other account behaviors you didn't make or approve (like following, unfollowing, or blocking)
  • Received a notification from us stating that your account may be compromised
  • Received a notification from us stating that your account information has changed, and you didn't change it
  • Noticed your password is no longer working and you are being prompted to reset it

 

If you've answered yes to any of the above, please take the following steps:


1. Change your password

Please change your password immediately from the Password tab in settings. If you are logged out, go to Login and click on Forgot Password to reset your password. Please select a strong password you haven't used before. 

Important:

Changing an account's password does not automatically log the account out of X for iOS or X for Android applications. In order to log the account out of these apps, sign in online and visit Apps in your settings. From there you can revoke access for the application, and the next time the app is launched, a prompt will request that the new password be entered.

If you frequently receive password reset messages that you did not request, you can require that your email address and/or phone number must be entered in order to initiate a password reset. Find instructions and information about resetting your password.

2. Make sure your email address is secure

Make sure that the email address attached to your account is secure and that you are the only one with access to it. You can change your email address from your X app (iOS or Android) or by logging in on X.com and visiting the Account settings tab. Visit this article for instructions for updating your email address, and see this article for additional email account security tips.

Important:

If you receive an email from verify@x.com regarding an email address change for your X account, you can reverse this action by clicking on the provided link in the email. 

3. Revoke connections to third-party applications

While logged in, visit Apps in your settings. Revoke access for any third-party application that you don't recognize.

Important:

Note: If you use the teams feature in X Pro, we strongly recommend you check the members list to remove any users you don’t recognize. You can learn more about the teams feature.

4. Update your password in your trusted third-party applications

If a trusted external application uses your X password, be sure to update your password in that application. Otherwise, you may be temporarily locked out of your account due to failed login attempts.

Your account should now be secure, and you shouldn't see the unexpected account behaviors moving forward. If you're still experiencing issues, please file a support request for assistance.
 

5. Contact Support if you still require assistance

If you still can't log in after attempting a password reset, contact us by submitting a Support Request. Be sure to use the email address you associated with the compromised X account; we'll then send additional information and instructions to that email address. When submitting your support request please Include both your username and the date you last had access to your account.


Learn more about what you can do if you've lost access to the email account associated with your X account.

 

Protect your account with simple precautions


If your account has been compromised, take these additional precautions:

  • Delete any unwanted posts that were posted while your account was compromised.
  • Scan your computers for viruses and malware, especially if unauthorized account behaviors continue to be posted after you've changed the password.
  • Install security patches for your operating system and applications.
  • Always use a strong, new password you don't use elsewhere and would be difficult to guess.
  • Consider using two-factor authentication. Instead of relying on just a password, login verification introduces a second check to make sure that you and only you can access your X account.  It is a critical security feature that adds an extra layer of protection to your account and significantly reduces the risk of unauthorized access.
  • Do not share your login credentials with anyone as a best practice to minimize the risk of account compromise.

You can find more information in our account security tips page.

 

How do accounts become compromised? 


Accounts may become compromised if you've entrusted your username and password to a malicious third-party application or website, if your X account is vulnerable due to a weak password, if viruses or malware on your computer are collecting passwords, or if you're on a compromised network.

Unexpected updates don't always mean that your account was compromised. Occasionally, a third-party application can have a bug that causes unexpected behavior. If you see strange behavior, changing your password and/or revoking connections will stop it, as the application will no longer have access to your account.

It's best to take action as soon as possible if updates are appearing in your account that you did not post or approve. 

Share this article