The news that Burger King’s Twitter account has been hacked is just the latest in a string of security breaches to hit the microblogging service. Earlier this month, Twitter revealed that 250,000 users’ passwords had been stolen, along with usernames, e-mails and other sensitive information.
Meanwhile, at the end of 2012, a number of high-profile accounts (including those belonging to TechCrunch and comedian David Mitchell) were compromised, prompting Twitter to “unintentionally reset passwords of a larger number of accounts, beyond those [they] believed to have been compromised.”
Attacks like these, coupled with the mountains of data that sites like Twitter, Facebook and Google keep stockpiled on their servers, are sure to shake the public’s faith in the security of social sites, but it’s a risk we have to take if we want to be a part of the conversation. Individuals and companies alike need to have plans in place to deal with attacks – it helps to choose strong passwords and to use different passwords for different sites.
In the case of Twitter, it’s also important to associate a phone number and an e-mail address with your account, so you can reset your credentials immediately in the event of an attack. Make sure that the e-mail address is active, too – if it’s not, you’re out of luck.
According to Twitter, “if you don't have access to the account's email address or verified mobile number, [they] are unable to continue troubleshooting.” Worse still, they can’t even free up the username, forcing you to create a new account from scratch and leaving the hackers in control of the old one.
For Burger King, whose account is verified and had tens of thousands of followers before the attack, the breach is serious – the hacker used the account to link to YouTube videos and to suggest people to follow, attributing the hack to McDonalds. McDonalds have since denied the claims, tweeting: “We empathize with our @BurgerKing counterparts. Rest assured, we had nothing to do with the hacking.”
Regardless of who’s responsible, Burger King was slow to react, taking an hour and a half to reclaim their username. By the time that their community managers were back behind the Twitter-wheel, the damage had been done, if 30,000 new followers and over 2,000 RTs counts as damage.
Fortunately for Burger King, the temporary loss of control has resulted in a surge of interest for a battered brand. The Twittersphere’s eye is firmly fixed on @BurgerKing, and they’re missing a golden opportunity by staying silent since reclaiming the account.
Perhaps they could learn a lesson from Jeremy Clarkson, whose account was also compromised in what’s believed to be a separate attack. The Top Gear presenter, never one to mess around, tweeted: “Unlike some people, I WILL find who hacked my account. And I will visit them.” Clarkson showed a surprisingly socially savvy side – he’s maintained an authentic voice and responded to a crisis through the medium in which it presented itself.
It’ll be interesting to see if Burger King can capitalise on this sudden exposure to do the same.
Dane Cobain is a social media executive at Sociabull