“People should be changing their passwords,” says a victim whose account was hacked — and even put up for sale.
On Saturday, multimedia producer and Twitter user Daniel Dennis Jones — @blanket, at the time — received a notification that his Twitter password had been reset. This alone would have been cause for concern; at the very least, it would mean that someone had tried and failed to access his account. He quickly found out that the problem was much worse:
(You can find a first-hand Storify of Jones's experience here. It's long but worth reading.)
He was eventually able to log back into the account, but found that his username had been changed to @FuckMyAssHoleLO (I can only assume the last "L" got truncated), and that @blanket was now operated by someone else. His account, in other words, had clearly been hacked.