Katy Perry, the queen of Twitter in terms of sheer number of followers, lost control of her account on Monday night.
A person (or persons) hijacked the pop singer’s handle, @katyperry, and began posting slurs and nonsense to her 89 million followers. The hackers tweeted messages at rival pop star Taylor Swift (roughly 78 million followers), emoji hand gestures, and a link to an apparently unreleased song called “Witness.”
Get Data Sheet, Fortune’s technology newsletter.
In one tweet, the prankster urged Perry’s followers to follow another account, @sw4ylol. That account, whose operator “sway” claims to based in Romania, appears to have taken credit for the takeover.
https://twitter.com/sw4ylol/status/737733842975490048
Sway also posted a screenshot of what appears to be a copyright takedown notice from SoundCloud, the site where the apparently leaked music track appeared. “We’ve received a report directly from Universal Music Group that your track ‘Witness 1.3’ contains ‘Witness 1.3’ by Katy Perry. As a result, your track has been removed from your profile for the time being.”
Perry has deals with Capital Records, a music label owned by the French-American media conglomerate Universal Music Group (VIVEF). Other musical artists such as Justin Bieber (who is in charge of the second most followed Twitter account at 82 million), Sam Smith, Kanye West, and Selena Gomez have deals with Universal as well.
For more on musical artists, watch:
The Twitter account takeover follows on the heels of other hijackings of public figures’ accounts in recent days, including those of Biz Stone, Twitter co-founder, and Markus Persson (aka “Notch”), creator of the computer game Minecraft, now owned by Microsoft (MSFT).
Security experts advise people—celebrities included—to protect their online accounts with long, strong, and unique passwords; with two-factor authentication, a feature that sends a second code to a device of your choice; and with a general mindset of caution, to evade hackers’ phishing schemes.
The fraudulent tweets posted to Perry’s account have since been scrubbed. The pop star has yet to speak about the incident.
