Online social networks like Facebook or Twitter have become powerful information diffusion platforms as they have attracted hundreds of millions of users. The possibility of reaching millions of users within these networks not only attracted standard users, but also cyber-criminals who abuse the networks by spreading spam. This is accomplished by either creating fake accounts, bots, cyborgs or by hacking and compromising accounts. Compromised accounts are subsequently used to spread spam in the name of their legitimate owner. This work sets out to investigate how Twitter users react to having their account hacked and how they deal with compromised accounts.

We crawled a data set of tweets in which users state that their account was hacked and subsequently performed a supervised classification of these tweets based on the reaction and behavior of the respective user. We find that 27.30% of the analyzed Twitter users change to a new account once their account was hacked. 50.91% of all users either state that they were hacked or apologize for any unsolicited tweets or direct messages.