Instructions

Using the strategies and techniques youve learned from our crisis communication case studies, write a social media post for SeeMoji.

The purpose of the post is to:

1. Announce that we are investigating whether the recent FaceSpace breach impacted SeeMoji and its customers.

2. Advise users as to what to do if they think their account has been breached.

3. Give users practical advice on to how to secure their accounts.

The following facts are all true. Choose which facts to include in your press announcement. You may not contradict any of the facts.

FaceSpace has been the target of a number of high-profile cyberattacks.

Cyberattacks on FaceSpace can result in data breaches of third-party sites such as SeeMoji.

SeeMoji does store personal information, but not credit card information.

The blog post by The Angry Journalist went viral shortly after it was posted.

The SeeMoji social media team is unable to check FaceSpace user accounts.

SeeMojis investigation into the breach will take at least a week to complete.

TIMELINE

• Monday: Press release from FaceSpace confirming security breach
• Wednesday: The Least Surprising Announcement in the History of the World blog post from The Angry Journalist
• Monday through Thursday: Sampling of Tweets

ONLINE ARTICLE

FaceSpace confirmed today that it was successfully targeted by cyber attackers late yesterday afternoon. FaceSpace users are encouraged to check their profiles and change their passwords. More details will be released as they become available.

Cheryl Dotts, FaceSpace Public Relations Officer, indicated that an investigation is underway. She stated, We know that a number of our databases were compromised, including the ones that house information pertaining to third-party sites that use the FaceSpace login. What we dont know at the moment is the extent or depth of the breach.

Zuck Marker, founder and CEO of FaceSpace, could not be reached for comment.

FaceSpace is the leading social networking site, with over 350 million active users across the globe.

VIRAL BLOG POST BY THE ANGRY JOURNALIST

"The Least Surprising Announcement in the History of the World"

Yesterday FaceSpace announced that it had been hacked. Is anyone surprised? No. The answer is no. Nobody is surprised. The hack doesnt even count as news in my book.

If you follow me on Twitter, you know what I think: all FaceSpace has cared about for a long time is monetizing its users personal information. Who do I mean by its users? You. I mean you. And yet, you keep uploading your information and using the FaceSpace login on other sites, too.

I can only warn you so many times. FaceSpace only cares about you in so far as it can monetize you to marketers and advertisers. You may be reading this post with the hope of finding tips on what to do now that your information has been compromised. Again.

Sorry. You wont find those tips here. I got rid of FaceSpace long ago, so I dont have anything to worry about. I am going to take the afternoon off, knowing that my personal information is safe.

P.S. Many of my readers found the blog post by Ismat Mangla from Experian to be helpful in recovering from the networks recent breach.

Data Breach: How to Protect Yourself

By Ismat Mangla

FaceSpace announced a data breach on Friday, Sept. 24, in which the personal information of 50 million user accounts was put at risk due to a vulnerability in the social network's code.

The attack potentially exposed personal information and gave hackers the ability to take control of users' profiles. Since discovering the breach, FaceSpace has fixed the vulnerability and has informed law enforcement to investigate.

Was My FaceSpace Account Affected?

About 50 million FaceSpace users were affected by the code vulnerability, which gives hackers the ability to steal "access tokens" that allow users to stay logged into their accounts.

(When you sign into a site or app with your username and password, your browser or device typically receives a digital key known as an access token that lets you stay logged in without having to re-enter your credentials every time. That token does not actually store your password.)

Fraudsters could use these access tokens to not only take over users' FaceSpace profiles but also have the ability to access third-party accounts like Airbnb, Spotify or Uber that use FaceSpace credentials to log in. (See also: Is It Safe to Use FaceSpace to Login on Other Sites?)

Though 50 million accounts were targeted, FaceSpace reset the access tokens on a total of 90 million accounts as a precautionary measure. If your account was affected, you would have been logged out of FaceSpace and would need to log back in with your password the next time you visit the site.

What Personal Data Could Have Been Compromised in the FaceSpace Attack?

According to FaceSpace, attackers tried to target certain information, including users' names, genders, and hometowns listed in their profiles. But it's not yet clear if that or any other user information was actually compromised before FaceSpace fixed the vulnerability.

Though the access tokens targeted in the attack could potentially be used to log into third-party sites on Oct. 2, its investigators don't believe such third-party sites were affected.

How Do I Protect Myself as a FaceSpace User?

If you were one of the 90 million users whose access tokens were reset by FaceSpace, you would have been logged out of your account and will need to log back in. You should have received a notification about this on the top of your FaceSpace news feed. But even if you were not affected, this is a good time to take the following steps to ensure your identity and personal information is protected:

1. Conduct a Device Audit

To find out if anyone has improperly accessed your FaceSpace account, click on "Settings" on FaceSpacek. Next, go to the "Security and Login" tab. There, you will see a list of all the devices, locations and the most recent dates that you have logged into FaceSpace.

If you see any that you do not recognize, you can remove that device from being logged in. FaceSpace will also take you through a step-by-step process to secure your account if this is the case. You can also log out of all sessions.

2. Reset Your FaceSpace Password

According to FaceSpace, there is no need to reset your login password. However, there is no harm in doing soand it might be a good idea if you have a weak password or have noticed any suspicious activity.

Consider resetting your password to one that is unique and not used on any of your other sites or apps. To do so, go to "Settings," then "Security and Login," and click "Edit" on the "Change password" section. See Experian's recommendations on creating a secure password here.

3. Enable Two-Factor Authentication

For the most security, it's smart to turn on two-factor authentication. This security feature requires a unique code sent by a text message, call, or email, in order to log into your account after entering your password.

That way, even if someone obtains your password, they can't log into your account without the code. To enable two-factor authentication in FaceSpace, go to "Settings," then "Security and Login," where you will see the option to turn it on.

4. Check Which Sites and Apps Use FaceSpace for Login

If an attacker has access to your access token, they have the ability to get into your FaceSpace accountand also any other site or app you have used FaceSpace to log in with, such as streaming services, apps or games, and more. Even though FaceSpace has since announced that third-party sites using FaceSpace logins were not hacked, it's still smart to decouple your logins for the most security.

To find out which apps and sites use your FaceSpace login, go to "Settings" and then "Apps and Websites." There you will see a list of all active, expired and removed websites and apps that use your FaceSpace login. You can remove any or all of these apps. You may want to update the passwords on these services, as well.

The full story by Ismat Mangla is available on the web at: experian.com/blogs/ask-experian/facebook-data-breach-how-to-protect-yourself/

SAMPLING OF TWEETS

ChewingLotsOfGum

@SeeMoji none of my animated emojis are working on FaceSpace!

ShellMeister

@SeeMoji I just read FaceSpace press release. Am i hacked pls reply

BeefyCake

@SeeMojihakedwut 2 do now

OhhhShutttUppp

@SeeMoji can u unconnect my account from facespace