How a Third-Party can ruin a Super Party and what you should do today to secure your Twitter account

Updated – Originally published in February 2020

Congratulations to the LA Rams on their super victory! As usual, Twitter was on fire before, during and after the game feeding us bits of perspective on the players, the halftime show and the commercials. Did you know that back in 2020, just days before the big game, the Twitter accounts of 15 NFL teams including the Chiefs and my beloved Bears were compromised?

You can read more about that here: https://www.theverge.com/2020/1/28/21112015/nfl-ourmine-hack-social-media-twitter-facebook-instagram-accounts

When we think of an account being hacked, we often assume that the account’s password was compromised allowing the hacker to directly login and take over the account. That’s not always the case and there is an even bigger risk that we need to address – third-party apps. In the case of the NFL Twitter hack, it appears that the accounts were compromised through a third-party platform. For example, a third-party marketing platform used to manage social media. It’s quite common to allow another app to access your Twitter account, but it can get messy.

Even Facebook’s Twitter account was hacked: https://www.forbes.com/sites/daveywinder/2020/02/08/facebook-hack-social-network-confirms-134-million-follower-twitter-account-compromised/#508d19c33b5e

If you have a Twitter account, here’s what you should do.

  1. If you have an account but don’t use it, consider deleting it.
  2. Make sure you are using a unique, strong password.
  3. Enable two-factor authentication.
  4. Review and revoke 3rd party access.
  5. Secure your 3rd party apps too by repeating steps 1-3.
Twitter’s security and privacy settings can be accessed from the app or desktop browser. There’s a lot going on here so I find it easier to work with the settings from my laptop rather than the app.
Using a strong password is a no-brainer but what’s more alarming is the number of 3rd party apps that have access to my account. More on that in a moment…
Don’t forget to use Two-factor authentication.
Take a close look at “Apps and sessions” – these are the 3rd parties that you have trusted with access to your Twitter account.
You might be surprised at what you see here. Review and revoke all access that is no longer needed.
Select the app and tap REVOKE ACCESS. It’s that easy.

Now you know that it takes more than a password to secure your Twitter account. Tweet in confidence knowing that you can keep your account more secure in just a few simple steps. As always, thank you for reading!

#simplesecurity