WSJ Facebook Page Hacked

Incident Highlights Social Media Risks
WSJ Facebook Page Hacked

An incident involving hackers posting false "news" reports on The Wall Street Journal's Facebook page demonstrates yet again why organizations must ramp up their efforts to protect their social media accounts to avoid reputational harm.

See Also: 10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys

On July 21, the Journal confirmed that its Facebook account was hacked and false comments posted. "We are aware that our Facebook page was compromised," the newspaper said. "We have deleted the posts and are looking into it."

News site Mashable took screen-grabs of the fake comments. One of the comments read, "#BREAKING: US Air Force One crash feared as air traffic controller loses contact with pilot over Russian air space."

The Journal confirmed to Information Security Media Group that the unauthorized postings to its Facebook page were due to a compromise of a third-party account. "We acted quickly to remove the erroneous material and have reset affected accounts," according to a statement from the newspaper.

What's At Stake?

The incident highlights the many risks of a corporate social media account takeover, says Nikki Junker, communications and media manager at the Identity Theft Resource Center. "These risks range from damage to a brand's reputation to global financial impact, as was seen in the hacking of an Associated Press Twitter account last year," which caused the Dow Jones Industrial Average to drop 143 points, she says (see: Social Media Needs 2-Factor Authentication).

Shirley Inscoe, a security analyst at consultancy Aite Group, says the attack could have been a test to see if the hackers could post the false items successfully and how long it would take to be removed. "Media and social websites need to be much more security conscious than they have proven to be to date," she says.

It's important to take advantage of two-factor authentication offered by many social networks, Junker says. "You can set both your Twitter and Facebook accounts to send you a text message with a verification code which must be entered in order to log-in to an account," she says. "While it may take a bit of extra time, it can help prevent serious problems for your organization."


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.