What To Do If Your Social Media Gets Hacked
The 21st century has brought exciting innovations to the forefront, especially the ability to connect with virtually anyone, anywhere, at any time. When it comes to social media, this means being able to share not only information, photos and videos but to also connect in professional networks. Regardless of why you may use them, the possible dangers of being hacked are the same.
We’ve all seen posts from friends casually writing “I’ve been hacked.” But the severity of having your social media accounts infiltrated go far beyond having a couple pictures stolen or someone writing uncharacteristic updates. There is a plethora of personal information available in our profiles and people with malicious intent can use this to their advantage to not only do serious harm to you, but also to friends on your network.

You may remember a Facebook phishing attack that circulated in April of last year. Users received a message (supposedly) from Facebook’s Ads team, saying that they were in violation of its Terms of Service and if they did not log in and confirm their identification, their account would be closed. The message was fake and users who logged in were offering up their credentials to hackers with malicious intent. It also made it easier to spread the message, via Facebook Messenger, to the user’s friend list. You can check out Facebook’s tips for how to avoid phishing scams here.
The number of hacked records might actually astound you. Back in 2012, a data breach put what was originally thought to be 6.5 million LinkedIn user accounts at risk. In 2016, they disclosed that the number was actually 117 million.
You might be thinking, “well I don’t really have much to hide, I don’t care if I get hacked.” Think about it, though: if you looked through the content of your emails, private messages, texts, Whatsapp messages, and more, would there not be private things you don’t want stolen? Things like photos and videos that can be manipulated, financial information like tax receipts, medical information, addresses…the list goes on and on. The reality is that a lot of personal information lives online now, and it’s fetching a pretty penny with hackers with malicious intent.

Stars, They’re Just Like Us
Think only the everyday Jane and John Doe are subject to attacks? Think again. Both celebrities and leaders in the tech field have been victim to such hacks. Poor Mark Zuckerberg has been hacked on both Twitter and Pinterest, twice! Other victims to similar hacks include Google CEO Sundar Pichai (Quora hacked), Twitter cofounder Evan Williams, Taylor Swift (Twitter and Instagram hacked), Uber CEO Travis Kalanick (Twitter hacked) and Justin Bieber (Twitter hacked).
Gaining access doesn’t necessarily happen through the social platforms themselves. Take, for instance, Hootsuite CEO Ryan Holmes’ story. Hackers gained access to Holmes’ Twitter account via an app that he hadn’t used in years. Having previously linked this app to his Twitter account, once they got through, it allowed them to also gain entry to Twitter. Holmes says the experience was “scary, humbling and embarrassing.”

Chalene Johnson, New York Times best selling author, motivational speak, lifestyle and business expert, and founder of the SmartLife movement, relies on social media for her livelihood. When her Twitter account was hacked in 2015, it wasn’t long before access to her other platforms were gained. Hackers taunted her with the fact that they were not only in control of her accounts but had access to personal information; if she refused to pay a ransom, they would post it publically. Johnson turned to Darren Natoni to help her during her crisis, who says that being hacked is “an eye-opening catastrophe that I don’t wish upon anyone.” Apart from the emotional torment involved in being hacked, Johnson’s particular case was pricey. Between security experts, loss of wages and rebuilding her security, the hack cost her in excess of $200,000.
I’ve Been Hacked, What Do I Do Now?
If you’re unable to log in to your Facebook account, you can ask a friend to report your account for you here. Scroll down to the section, “I think my friend’s account was hacked” and choose the selection that best suits your situation. You can find similar help for Twitter here.
From Our Experts, To You
We asked our in-house experts to give some advice on staying safe in the face of social media data breaches. Here’s what they had to say.
Security Expert, Paul Pereira-Brunner: “In the case of social media accounts, you should make absolutely sure the email they are linked to has as much protection as possible. It's a single point of failure…since everyone gets their password reset emails there. That's the major way people get in.” Use security questions as backup for logins? Great. But don’t use logic and actually answer the question. Pereira-Brunner suggestions also creating individual passwords for those. Lastly, use a password manager, like Last Pass and change the master password at least once per month.
Director of Malware Lab, Andrew Browne: Choose services that offer two-factor authentication. What does this mean? When you log in with your password, you will then be prompted to enter a special code (usually sent via text or voice call) before being granted access to your account. This helps especially when logging in through new devices or from a different location. It helps confirm that it’s really you – and if it’s not, protects your account from being hacked. Want to check if you’re account has been compromised? Try Have I Been Pwned. Use complex passwords that are at least 15 characters long, a mix of letters, numbers, and special characters and that are not words from the dictionary or words related to your life (spouse/child’s name, etc). Don’t share your passwords with anyone and don’t reuse them for multiple accounts. If you find out that your account has been compromised and can still log in, change the password immediately and enable two-factor authentication. But, “if you can’t access the account, contact the service’s support team straight away to see what your options are. Normally they’ll ask for information about your location, recent activity on the account or other information that can help them identify that your account really has been compromised.”

Director of Cloud and Data Platform, Alexander Martin-Bale: There’s different types of hacks when it comes to social media and, depending on the platform, some are more dangerous than others. Some are just meant to be a nuisance, rather than to dig deep into personal data. However, the advantage of getting access to someone’s social media is that you also get access to an easy way to spread malware. It may not be a big deal if your Twitter is hacked if you are a casual Twitter user. On the other hand, if you use LinkedIn and Facebook heavily and even for business use, it will be much worse if someone with malicious intent finds their way in to your private messages and personal data. Martin-Bale echoes what our other experts say in terms of protecting yourself, especially avoiding simple passwords like “123456,” saying it’s far more common than we think.