Community managers everywhere were reminded of how easy it is to lose control of their accounts, including third-party social clients, when Buffer announced it had been hacked. Although passwords and billing information were kept safe, a number of users experienced profile hacks that results in weight loss spam being distributed to fans and followers. The Buffer team handled the situation well, quickly alerting users and assuring them that their most vital information was still safe, but the unease undoubtedly lingered with some users long after the service’s security had been restored.
If your third-party social account is hacked, here are the steps you should take to return everything to normal as quickly as possible.
Change your login information.
If you’re able to log in to your account, do so and change your password. If you can’t, contact support to let them know what’s going on. You might end up getting a password reset request when the threat is over, but take the time to do it immediately just to be on the safe side. In addition to changing your third-party client password, take the time to change the passwords of any accounts you have connected to it.
Review your timeline & delete spam immediately.
Check out your Facebook, Twitter and other social network timelines to see if any spam was posted while you were away. If so, make sure to delete it right away. You might have to do this by logging directly into your brand’s social accounts (i.e. Twitter.com rather than Tweetdeck), so make sure you have those credentials handy.
Apologize/explain the situation to your fans and followers.
If any of the spam was offensive or potentially harmful, be sure to let your fans and followers know what happened and advise them to ignore any posts that look fishy. The last thing your brand needs is from a customer to fall victim to a phishing scam just because they clicked on an offer they thought was coming from you.
Continue to keep an eye on your timeline.
Even after the threat is resolved and your account is secure, keep an eye on your timeline. In the off chance that the hackers’ access wasn’t completely cut off, you’ll want to alert the customer support team immediately, and also delete any inappropriate posts as soon as they go live.
If you do get hacked, however, you might want to take a page from The Onion’s book and make it a funny and educational experience for everyone.