Skip Ribbon Commands
Skip to main content

How to contain a Twitter hack when it happens

computer keyboard (image)
Photo: Chief Photographer/MOD [OGL], via Wikimedia Commons

Just as social media has emerged as a powerful tool for businesses to engage with customers in ways that promote their products and services, it has also become another target for hackers intent on doing quick, potentially lasting damage to corporate brands. The list of Twitter-hack victims reads like a who’s who of business, government and media. Chipotle, Burger King and Jeep have all seen their Twitter feeds taken over by hackers who spewed strings of malicious messages before the companies regained control. Similar incidents have afflicted the Twitter accounts of the U.S. military’s Central Command and publications such as Newsweek, Le Monde and the New York Post.

While these very public incidents may not wreak as much havoc as the data breaches that have befallen companies like Target, Sony and Anthem, they do threaten to seriously tarnish a brand. Even though Twitter breaches tend to be brief, the embarrassment they cause can undo the goodwill corporate social media teams work so hard to build.

For example, the hackers who took over Burger King’s Twitter account, in what was called the “Big Mac of Twitter hacks,” made it seem that the feed had instead been taken over by the company’s biggest rival, McDonald’s, and falsely tweeted that Burger King had been sold to McDonald’s. It may seem easy to laugh at that prank, but the hackers then took it a step further and tried to disparage the Burger King brand by posting obscene and racially offensive tweets.

As with all forms of cyber-attack, business should think of Twitter hacks in terms of “when,” not “if,” and be prepared to mount a swift, decisive response at any moment. “The scope and frequency of data and social media breaches has grown exponentially,” says Michael Levinson, the head of Global Information Security at JLL. “Quick action and transparency are key to maintaining credibility with customer and employee audiences.”

Levinson recommends these quick responses to contain a Twitter hack.

  1. Control – immediately change your account password. Use a strong password, which means no dictionary words, family names, pet names or birthdates. Also change the passwords of third-party apps, such as TweetDeck or Hootsuite, which you use to manage Twitter.
  2. Contain – check to see if hackers could have gotten access to your account. Conduct a review of Twitter settings and consult Twitter support resources to determine best practices and modify your settings as necessary.
  3. Eradicate – immediately remove all unauthorized content — fake tweets — from your feed.
  4. Recover – post a tweet or series of tweets that link to a public statement from the company to indicate the nature of the breach, detail the actions taken to contain it and correct any misinformation it may have disseminated. It may be necessary to start by posting an acknowledgment of the hack and then provide updates as the full scope of the situation becomes clear and recovery steps are determined. Stating only what is known at the time avoids the need to provide corrections later.

While this may sound more complicated than it’s worth, the fact is, social media is here to stay. Your customers are there — as are the hackers. So it’s imperative that every business maintain a vigilant watch over this important but vulnerable medium.

“Twitter is a great tool for business but it is also a fertile source of information for hackers preparing social engineering attacks,” says Terry Kurzynski, founder and senior partner of information security consultant firm HALOCK Security Labs. “Proper use by well-informed employees can prevent it from becoming a gateway for hackers.”​