by dsl 2564 days ago
Did you have a phone number associated with your Twitter account? If so call your mobile provider and ask if any changes have been made recently, especially by store employees. If you have two factor set up they most likely removed it and reset your email address using phone verification and intercepted the text message.

For everyone else... go check your Google, GitHub, etc. accounts and make sure you do not have a phone number listed.

2 comments

Yes I did. I will call my mobile provider to see if any changes were recently made.

I originally didn't suspect a SIM swap attack as I received a text message from one of my contacts around the time the e-mail address was changed. I was out of town of course and did not have my data on. I saw the Twitter e-mail notification the following day. Checking with my mobile provider will be a safe bet for sure.

Thank you for the info.

I thought about this a bit further. Wouldn't the join date of May 2019 on the account [0] signify that the user may not have actually reset my password/e-mail address but rather created a new account?

Either way, I am still going to contact my mobile provider to be sure.

[0] - https://twitter.com/scott

Maybe the attacker simply changed your username after gaining access, paving the way for them to register a new account in that name.
That's a good thought but I don't think that's the case unfortunately. My e-mail address is not associated with any Twitter account at this time.

Twitter states they cannot find an account with my e-mail address if I try a password reset. As far as I can tell, my previous account has vanished as I mentioned in my OP.

After changing the username, couldn't they change the email address too?
When they take over your account they do a forced delete and create a new account. That way they "own" the name and it is much harder to get back.
Does anyone know if it's safe to leave a voice-only landline phone number associated to an account? Are these as susceptible to being hijacked as cell numbers?
Landline numbers are still vulnerable, it just isn't as common of an attack.

You can go to specific forums and pay $10-15 for a change to be made to a cellular account, usually by rogue employees or hacked point of sale terminals. A landline requires you to get some additional details like the account number, photoshop a bill, and submit that to port the number to somewhere that you control.

Interesting...thanks!