Pretty obviously, that's the user's name and the ID of their tweet. Simple, right?

Not really, click on that link and you'll see this: That's my name in the URL bar - but the Number 10 Press Office's tweet on the page.

What's Going On?

Have I retweeted that status? Nope! Am I a 1337 h4x0r who has hacked Number 10? No sir! Is the screenshot a fake? Nuh-uh. Check the link yourself.

It's actually a curious bug / feature of Twitter. Each tweet you send has a unique ID. So there can only be one tweet with the ID 197967209459499008. And that ID will always belong to @Number10press.

The username part in the URL is redundant. It seems that it is not used except to give information to the user / search engines. It can be safely omitted or manipulated.

Malicious Use?

It strikes me that there is a slim chance of malicious use.

One could create a fake account - say Number1Opress (where the 0 has been replaced with a capital O). Make it tweet something ridiculous, then share a URL which has the real Number10press in the URL. Minor embarrassment is probably the worst consequence.

It's an interesting usability / security nexus. The username is placed in the URL to make it easier or more useful for users - but it is ignored by the back end system. As it's part of the hated hashbang syntax, I wonder if it could be simply be rewritten if there's a mismatch?