In the last post, we covered ways to beef up security for your library’s social media accounts to prevent hacking. But what do you do if your accounts are compromised?

It happens more often than you realize. 36 percent of all internet users report they’ve been hacked, and some were victims more than once.

If your library’s accounts are compromised, it’s critical to gain control back as soon as possible. Bookmark this post so you and your fellow staff members will know what to do.

How do you know a hack has happened?

Admins for library social media accounts should be on the lookout for the three main signs of hacking.

  • You receive an unprompted email that you changed your login email or password when you did no such thing.
  • You can’t log in to your accounts.
  • Your account displays posts and direct messages you didn’t create.

Platform-specific steps to take if you determine you’ve been hacked.

You’ll notice I advise you to take screenshots during various steps in this guide. You may need evidence of the hack to get control back of your account. It’s also just good practice to take screenshots and save them to use as you review what happened with your supervisors or staff.

Facebook

  • Look at your Page Roles to see if unauthorized people have been added as admins to your account. If they have, take a screenshot, and then remove them immediately.
  • Next, check Page Info to make sure your authorized phone number, email, and website have not been changed. If any unknown or unauthorized numbers are listed, take a screenshot and then delete them.  
  • Go to Page Management History to review changes that may have been made to your page by hackers. Again, take a screenshot of any suspicious activity.
  • Finally, go to your Activity Log. Log out of any sessions you do not recognize but first, (you guessed it!) take a screenshot.
  • If you cannot log into your Facebook account, try sending yourself a password reset email, and recover your account through your registered email address.
  • If you still have trouble, report your account as compromised immediately, and follow the steps as directed by Facebook.

Twitter

  • Check Settings and Privacy to see if unauthorized people or email addresses have been added as admins to your account. If they have, take a screenshot, and then remove them immediately.
  • Also under Settings and Privacy, check the phone number associated with your account. If any unknown or unauthorized numbers are listed, take a screenshot and then delete them.  
  • If you cannot log into your Twitter account, and a password reset does not give you access, go to the Twitter Help Center and choose Hacked Account from the list of options. Follow the steps to recover control of the authorized email associated with the account.
  • If you still have trouble, contact Twitter Support directly.

Instagram

  • Check Privacy and Security to see if unauthorized people or email addresses have been added as admins to your account. If they have, take a screenshot, and then remove them immediately.
  • Check Edit Profile to make sure that your authorized phone number is still associated with your account. If any unknown or unauthorized numbers are listed, take a screenshot and then delete them.
  • Check Login Activity to see if your account was accessed from any suspicious locations or devices.
  • You’ll also want to check Contacts and delete any unauthorized synced contacts. Take screenshots of all suspicious activity.
  • If you still cannot log into Instagram, contact Instagram directly and work with them to recover your account. The steps to do this vary depending on the mobile device you are using. You’ll find those steps on the Instagram Help page.  

LinkedIn

  • Look at your Admin section to see if unauthorized people or email addresses have been added as admins to your account. If they have, take a screenshot, and then remove them immediately.
  • If you cannot access your LinkedIn account, contact LinkedIn immediately by submitting the Reporting Your Hacked Account form.

Pinterest 

  • Pinterest will place your account on Safe Mode if they suspect suspicious activity. Safe Mode locks your account protecting your pins and preventing any further unauthorized changes or actions. In order to unlock your account from Safe Mode, the password must be reset.  
  • Click on the down arrow next to your profile photo in the upper right-hand corner and select Settings, then Edit Profile. Check to make sure your authorized phone number, email, website, and location have not been changed.
  • Also under Settings, click on Security to check that there are not unauthorized connected devices.
  • If you cannot access your Pinterest account, contact Pinterest for further help.

What to do after you regain control.

  • Notify your followers that your account may have been compromised. This will prevent your fans from clicking on any suspicious posts or messages that appear to be coming from your library’s page, but may contain malware.
  • Notify other account admins and review the steps to beef up security with your account admins.
  • Change the passwords on all your accounts.
  • Check to see if there are any new apps or connections created with links to your accounts. If so, delete them. Hackers often gain access to social media accounts through third party apps.

Did I miss anything? Has your library been a victim of social media account hacks? Let us know in the comments below.

You may also like these posts

How To Create a Library Social Media Policy for Your Staff and Your Community That Encourages Interaction and Keeps Everyone Safe

How to Convince Your Library Staff That Library Marketing Materials MUST Be Accessible!

Latest Book Review

The Book of Two Ways by Jodi Picoult.

Subscribe to this blog and you’ll receive an email every time I post. To do that, click on the “Follow” button in the bottom left-hand corner of the page. Connect with me on YouTube, Twitter, Instagram, and LinkedIn.