You’ve Been Hacked!

Handling hacked social media accounts for public figures and high profile executives

---

This is an article by Luciana Shortal. She is a digital marketing expert with a corporate and start-up background and a primary focus on B2B, tech companies and e-commerce. She is currently digital marketing evangelist at NorthPage, a digital marketing intelligence firm. Luciana can be reached for freelance and consulting engagements via LinkedIn and Twitter.

---

Having a social media account hacked can be a devastating experience for anyone. The target of the attack has been violated and victimized. Depending on the hacker’s activities while in control, such as offensive posts, tweets, or comments, the victim may feel embarrassed, even defamed. Furthermore, your connections, whether friends or family may become needlessly alarmed, concerned, or offended by the posts.

When the target of the profile hijacking is a public figure or celebrity, the consequences can be even more far-reaching and damaging. Not only is the individual’s reputation at stake, but with an audience in the hundreds of thousands or even millions the reach of the rogue posts will be exponentially larger.

Since today’s reality is that many public figures have a third party or team managing their public persona, this article is written to guide these social media managers and PR professionals in responding to a social media hack.  These individuals should work collaboratively with the public figure to respond in a swift and comprehensive manner to achieve the best outcome.  

Read on to learn the immediate steps to take when a hack occurs and how to manage social media accounts to prevent future incidents.

First Things First

Party’s over

You’ll want to act quickly to end the hacker’s fun at your client’s expense. The fastest and easiest way is to change the account password, locking them out of the account. Next you’ll want to notify the social media platform of the breach through the resources they provide under “Help” or “Customer Support.” If the hacker has already changed the account password, proceed directly to contacting the social platform for assistance. Use the online support mechanisms and follow-up by calling any customer support number when available.

Now that you’ve gone to the source to begin addressing the issue…

Take a deep breath 

While this may seem a nightmare for the person in question and you as someone they depend on, now is not the time for impulsive or emotional reactions. Engaging with the hacker on the social media platform through other profiles will only feed the hacker’s ego and draw more attention to the situation playing out. Often this is exactly the violator’s intent, so avoid feeding the fire.  

Opportunity knocks

Sometimes the stance on responding to a hack is to restore order but not acknowledge it at all. However this is a missed opportunity to create goodwill and recognize that it can happen to anyone. These situations have become incredibly common and people understand.

So your next step is to prepare a thoughtful response. The ideal response makes light of the situation and lets followers know it’s “business as usual.” Here is a great example of a response to a recent Twitter account hack from Bob Lord, Chief Digital Officer at IBM:

Even the most digitally-minded of us can fall victim to a hack. Apologies for any unsavory tweets – all is fixed! #backtonormal #digital

— Bob Lord (@rwlord) January 4, 2017

This candid response is perfect – a little self-deprecating, apologizes for the “unsavory tweets” and lets followers know order has been restored. The above reinforces that breaches can happen to even the most “tech-savvy” of us!

Be the change 

This last step is optional, but can help address this issue on a larger scale, potentially causing hackers to think twice in the future. Apart from notifying the platform of the hack, you may want to work with them to see whether the hacker can be identified and whether legal action might be in order. At the end of the day, it is important to decide whether you want to spend more time and energy on the situation than it merits or just move forward.

Preventing Future Hacks

As mentioned, account hacks have become incredibly common and will never be fully prevented, but there are steps you can take to shore up your social media accounts making them less attractive and less “hackable” targets.

Change is good

Following the breach you’ll want to change the passwords on all social media accounts. This is critical if any accounts had the same password as the hacked account, but also a good measure in case the hacker gained access to credentials for more than one account. Make the passwords strong using a combination of uppercase and lowercase letters, numbers, and symbols.

Limit risk 

While it is not advisable to store credentials anywhere, the reality is it is somewhat unavoidable. It is important however to minimize access to usernames and passwords as much as you can. A password management tool is incredibly helpful for this and should be implemented if you’re not using one already.

Keep it fresh 

Establish a cadence for updating the passwords associated with the social media accounts you manage – and stick to it! Quarterly or monthly are good schedules to follow.

Be a star 

When the platforms you use introduce additional security features such as two factor authentication, take advantage of them to add extra layers of security.

Stay connected 

It is a good best practice to have notifications turned on for all the social media accounts you manage. This ensures that you are alerted to any unusual activity on accounts in real time, enabling a more rapid response.   

Conclusion

These guidelines can be helpful in securing your social media presence individually and that of your high-profile clients. While hackers have become a part of our digital lives, these measures can go a long way to addressing an account breach swiftly and limiting the potential for them in the future.