The role of communication in today’s environment has changed. The accelerated pace of digital transformation is requiring public entities to cement their presence on social media. But as more people rely on these major networks as a source of information, communicators must ensure the truth spreads faster than lies as they race against a rise of digital misinformation and online trolls. So, what’s the last thing you want to see as a communicator when you log in to your agency’s account? That you’ve been hacked. But that’s exactly what happened to Denise Miller, Director of Communications, and Pam Solomon, Assistant Director for Communications for the City of Weston, Florida.
The City of Weston already had an established Twitter presence and in January of 2020, they launched Facebook and Instagram. They had only been on these platforms for a couple of months, but with hard work and a young audience interested in social media, both their Facebook and Instagram accounts quickly blossomed and became the source of information for their community.
In August 2020, Miller and Solomon received a weird copyright violation email from Instagram asking them to sign in. With Solomon on vacation at the time, Miller clicked on it. Shortly after, they noticed a new login to their Instagram account, which was unusual as Miller and Solomon were currently the only administrators who would log in. Then the unimaginable happened. The hacker deleted all of the posts from their Instagram account and new content started appearing that was not from the City. And just like that, all of their hard work and engagement was gone in seconds. Luckily, Miller and Solomon used their personal Facebook logins to drive the page for the City, so their Facebook page remained unharmed. The hacker also set an age limit on the account and spammed all of the City’s followers (as well as non-followers) with a direct message of the same phishing attempt that had bested Miller and Solomon.
Facebook prohibits dummy accounts and direct logins. All admins of your Facebook Page should have authentic profiles that they use to access your page.
For six days the City of Weston didn’t have control over their Instagram account as they attempted every method to get help from Facebook but never heard back. “We thought we could just contact Facebook or Instagram and they would fix it – but no – it’s not that easy with huge digital media companies to get an immediate response,” said Solomon.
So as a customer of ArchiveSocial, they decided to reach out. “It was nice to know there are people out there you can reach out to and hear a friendly voice because we were a boat adrift,” said Miller.
The ArchiveSocial team quickly provided Miller and Solomon with suggestions for who to contact and what to do. But once they got through to Facebook, they were told their feed could not be restored due to legal reasons.
Luckily, ArchiveSocial ensured Miller and Solomon that they still had a record of their feed prior to the hack and all of their deleted content was backed up in their social media archive.
Miller and Solomon finally regained control of their account after six days. They then promptly updated the email associated with their account and reset their password. They also set up two-factor authentication (2FA), something they had not done before.
Unfortunately, the City did have to start its presence on Instagram all over again. “When we got scammed it was kind of devastating – to not be able to get back what we had lost, it was very disappointing,” said Miller.
But thanks to ArchiveSocial, the City could still access their deleted content and remain compliant with public records laws, allowing them to respond to a records request.
Find out why more than 5,000 organizations trust ArchiveSocial to manage their social media records.