He WAS hacked. He started another account until he can restore this one: @RealMarcCohodes. He had 2FA on, but someone at Twitter told him to remove it. Not sure the full circumstances. Most likely someone linked to @DavidSacks who went and likely paid off someone on the inside of Twitter.

He has been hacked. This is NOT real @RealMarcCohodes

Marc’s account was hacked earlier today. Until he regains access, he’s over at @RealMarcCohodes. This is also an important opportunity for a PSA (public service announcement) to remind folks that if they’re not using 2FA, they should. The BEST method for 2FA is a hardware key, like a yubikey, but that is complex and requires a specific key (nfc capable) and to have that key around/plugged in to something that can power it. For most cases of non-financial applications/sites, the Google Authenticator (or if you don’t trust Google, use Authy…the open source version) is easy to set up and use. It’s a good middle ground and infinitely more secure than 2FA via text message or email.