The University of New South Wales (UNSW) has had a headache of a weekend with its Facebook page being hacked not once, but twice in the past 72 hours.
It was the University’s open day this weekend as well, meaning hordes of potential students were flocking to the grounds and various UNSW media channels to see what’s in store.
The hack has seen a heap of click-bait type links put up, many featuring scantily clad women and science claims.
The posts have since been removed. A statement from UNSW said: “There was a second security breach of UNSW’s Facebook page late last night. The University regained control of the pages early this morning and the offensive posts were removed. UNSW has put in place additional security measures around its Facebook pages.”
There hasn’t been any official statement about how the hack occured, however Lewis Sheids, social strategist at N2N Communications and Fuel Communications, said there’s speculation it was due to a phishing email.
“In this situation the Page Admins are removed, leaving the channel entirely at the mercy of the people who have claimed the page,” he explained. “However, there are a number of ways this can be avoided, such as setting up Login Approvals on Facebook. This two factor authentication system requires users to enter a code Facebook sends them to login – making it harder for phishing software to gain access in the first place.”
While not on the scale of the recent Ashley Madison hack that saw user details of the extramarital affair website leaked onto the internet, the hack does bring up questions of online security, particularly for social media platforms.
It’s the age old saying of ‘Fool me once, shame on you. Fool me twice, shame on me’, said Nastasia Marjanovic from PR agency, Straight Up PR.
“Being hacked twice raises concerns about cyber security, and confirms that not even big organisations and industry bodies are safe,” she said. “Although UNSW’s demographic is young and some would have found the posts humorous, it’s the prospective students and parents that see this as a bigger concern than just a Facebook hack. These greater scale hacks seem to be happening more and more, and all our security fears about the Internet are finally coming to life.
“The University needs to acknowledge the problem, be honest about the situation, apologise and ensure it won’t happen again.”
In terms of how brands can avoid this happening to them, Alex Lefley, director, consumer and digital at PR agency Edelman, stressed brands need to use a management system.
“For example, using a management tool such as Adobe Social or Facebook’s business manager tool, allows users different levels of access and posting ability so the publishing of content can be very strictly managed and controlled,” he said. For disclosure, Adobe is a client of Edelman.
“In addition, it’s critical to change passwords on a regular basis – at least monthly or if there is a suspected cyber attack or Twitter Storm.”
How the hack has actually affected the brand remains to be seen, however some of the reviews on the Facebook site have been pretty tongue-in-cheekily positive.
UNSW says it’s still working with Facebook to be able to access the page again.
UNSW is working to regain access to our @Facebook page, after it was hacked again last night. We will keep you updated. 1/2
— UNSW Australia (@UNSW) September 6, 2015
We apologise for any offence caused by the inappropriate posts. 2/2 — UNSW Australia (@UNSW) September 6, 2015