Perhaps you were there when Katy Perry surpassed Justin Bieber and became the most-followed person on Twitter, now holding the attention of a whopping 89-million users (bots and all). If you weren’t, that happened a while ago, and the pop sensation who brought “California Girls” into this world has been enjoying a dominant reign over Justin Bieber, her mortal enemy Taylor Swift, and President Barack Obama, since January.

But disaster struck (in under 140 characters) on Monday night, when the pop star’s coveted Twitter account fell into the hands of a hacker who shot out tweets that ranged from vicious to utterly confusing.

Before the tweets were taken down, one directed users to another Twitter account — “@sw4ylol” — which claims to be based in Romania and is still quite active (as of 3 hours ago, the user was looking for a job). Despite finger-waggers insisting that celebrities tighten up their security, this kind of thing happens often, and goes beyond password protection. Just earlier this month, a massive leak publicized over 272 million e-mail passwords from across several services. Cybersecurity has been a hot topic in recent years because of leaks like this, but it’s especially interesting that Twitter’s most-followed account wasn’t receiving protection on a higher level than other users on the platform. With all this in mind, Perry’s team likely changed all of her passwords, but the fact of the matter still stands: Twitter has some work to do if security can be breached this easily.