On Tuesday, 27 January 2015, hackers briefly got control of the Twitter and Instagram accounts of Taylor Swift, the Grammy-winning American pop-star, creating a stir on social media.
The infiltrators who took control of Swift’s Twitter account sent a pair of tweets, which have since been deleted, to the star’s 51 million followers.
The two accounts that received unauthorized shoutouts from Swift’s account – @lizzard and @veriuser – have been suspended.
We can only guess whether the @lizzard hacker was associated with the notorious Lizard Squad hackers that have of late plagued Sony and Microsoft with denial-of-service attacks, and were reported (inaccurately, as it turned out) as having knocked Facebook offline on the same day that Swift was hacked.
Lizard Squad also claimed credit for hacking the website of Malaysia Airlines.
Swift reported the hack on her blog on Tumblr, saying Twitter had deleted the hacker’s tweets and locked her account while it investigated what happened.
Despite the anxiety such a hack would cause anyone, Swift showed her cool, hashtagging her Tubmlr post “#HACKERS GONNA HACK HACK HACK HACK HACK” – a reference to the lyrics of her top-selling single “Shake It Off.”
She later regained control of her account and sent a few tweets denouncing the hackers, who had apparently made threats to release nude photos of her.
@taylorswift13: PS any hackers saying they have 'nudes'? Psssh you'd love that wouldn't you! Have fun photoshopping cause you got NOTHING.
Swift’s Instagram account, meanwhile, was taken over around the same time, with the infiltrator posting several images including one NSFW post that instantly tipped off her followers that she had been compromised.
It’s not clear how the hackers got control of Swift’s accounts, but as she’s such a high-profile user, it’s clear that Twitter and Instagram were bound to act, well, swiftly.
Users like you and me, however, we need to look out for our own privacy and security.
The best available defense against hackers taking over your accounts is called two-factor authentication (or two-step verification).
While it’s not perfect, it’s available from most of the major social media networks and webmail providers, and it means that signing into your account requires a password plus an additional piece of information – for example, a one-time code that is generated by a special app on your phone, or sent to you as an SMS (text message).
That means that if someone is able to steal your password they would also need access to your phone every time they tried to login in order to get the necessary one-time code.
And, of course, strong, unique passwords for all your accounts are an absolute must – watch the video below, which explains how you can create strong yet easy-to-remember passwords.
→ Can’t view the video on this page? Watch directly from YouTube. Can’t hear the audio? Click on the Captions icon for closed captions.
Here are a few more tips to keep your Twitter, Facebook and other social media accounts secure from prying hackers and snoops.
- 5 tips to make your Facebook account safer
- How to improve your Twitter security and privacy
- 3 ways to make your Gmail account safer
- 3 tips for keeping your photos and other data safe when using iCloud
You can also follow all the latest privacy and security news on the Naked Security Facebook page.