Establishing Digital Trust: Don't Sacrifice Security for Convenience
The Facebook pages of several Major League Baseball teams were recently hacked and defaced with messages stating that Miami Marlins fans will be receiving free pit bulls, and that the New York Yankees' Derek Jeter is undergoing sexual reassignment surgery.
"The first posts went up at 3:52 p.m., according to the sports site Deadspin.com, which has screen shots of the joke messages," write Newsday's Nik Bonopartis and Jillian Sederholm. "They lasted for a few minutes, until the social media team at Major League Baseball pulled the plug, changed the passwords on the accounts and deleted the cybervandalism. MLB released a statement Thursday saying 'for a brief moment today, a few MLB Club Facebook accounts were hacked and inappropriate material was briefly on display.'"
"Clearly an unauthorised party had managed to gain admin access to the Facebook pages in order to post the messages -- and the first thought is that it would be a very strange coincidence to have the Facebook pages of so many clubs compromised at the same time," writes Sophos' Graham Cluley. "However, it turns out that the clubs run the Facebook pages in conjunction with MLB Advanced Media. One possible scenario is that an MLB Advanced Media employee was sloppy with their password (maybe they weren't using a hard-to-guess password, or maybe they were using a password that they had also been using elsewhere on the net), allowing a hacker to gain access and post the inappropriate content."
"A Facebook spokesman told Deadspin today that the attacks were the work of 'a single rogue administrator' of the MLB pages," writes PCMag.com's Stephanie Mlot. "The social network's team responded quickly and worked to eliminate spam caused by the attack, the spokesman said. The anonymous hacker told Deadspin directly that access to all 30 MLB teams' Facebook pages is 'put in the hands of employees making less than living wage,' and that the posts were a joke, and not intended to be seen by the public. Apparently 'the best ones' never hit the open Web."