186 Preventing and responding to a hack of a professional Facebook page

Abstract

Krishona Martinson, Equine Extension Specialist at the University of Minnesota (UMN), established the UMN Extension Horse Facebook page in June 2010 to disseminate research-based information to horse owners and professionals. With Martinson as the owner, the page grew to over 25,000 followers and averaged an annual reach of 2.7 million people. In December 2022, hackers compromised Martinson's personal Facebook page, which was then disabled by Facebook, and gained ownership of the UMN Horse page. The goal of this abstract is to highlight the top 10 lessons learned, which can help others prevent and respond to a hack of a Facebook page. First, install 2-factor authentication. Martinson had not enabled this security feature because she was not comfortable sharing her contact information with Facebook. Second, use a passphrase instead of a password. Passphrases tend to be more difficult to crack due to their length. Third, delete unused social media accounts. The breach occurred when hackers connected Martinson's unused Instagram account to her personal Facebook page. Fourth, ensure the page has other administrators. Before the hackers removed all page administrators, the UMN quickly updated the page banner to notify followers of the hack, stopped all scheduled posts, and removed the branded profile photo to distance the UMN from any unwanted posts. Fifth, be aware of risks and have a plan. Martinson and the UMN page were likely targetssince she managed several Facebook pages and the UMN page had a sizable following. When planning, consider pulling metrics monthly and ensure content created specifically for Facebook (e.g., Live videos) is saved elsewhere so it is not lost if a hack occurs. Sixth, report the hack immediately to direct supervisors, your employers general counsel, and communications and cyber security teams. Seventh, change other account passwords that use the same email and the same or similar password. Eighth, as a precaution post-hack, remove page administrators who are also owners of other pages to reduce the risk of additional pages being hacked. Nineth, take screenshots of any unwanted posts or page changes. Proof of the hack is necessary when reporting to Facebook. Finally, complete as many Facebook forms as possible to report the hack. Martinson was able to file a trademark infringement report through Facebook but was unsuccessful in submitting other reports because her personal page was disabled. Despite efforts shared here, the UMN and Martinson's personal Facebook pages have yet to be recovered. We hope these tips will result in others being able to avoid a frustrating and disruptive Facebook hack or be more prepared when responding to one.