https://api.twitter.com/1.1/help/configuration.json has a non_username_paths entry. This is supposed to be a list of invalid usernames, because it matches paths that have (or are) being used by twitter.com URLs.
For a long while now there’s been several items on this list that are indeed valid usernames. It’d be nice to get this list updated since at least one of these (@business) is a fairly large account.
For your convenience I’ve included a list of the false positives below.