A hacker seized control of the Explore Minnesota Facebook account for more than eight hours Dec. 4, but neither the account nor the agency appears to have suffered any permanent damage.
An unknown entity took over the Explore Minnesota Facebook page for more than eight hours on Dec. 4, posting non-travel-related content until officials were able to regain control of the popular webpage.
A spokesperson for the state's tourism agency said staffers first noticed the page had been hacked around 8 a.m. Central Standard Time (CST). The state immediately contacted officials at Facebook and at Minnesota IT Services (MNIT) for assistance in resolving the issue.
Explore Minnesota officials were briefly successful in regaining control of the page, their most-followed social media outlet, during the day — but otherwise worked with the company and MNIT to mitigate the incident’s effects, warn social media followers of the breach; and afterward, to remove added content.
We are aware that the Explore Minnesota Facebook page is acting up and are looking into the matter. Thanks for your patience while we resolve this issue.— Explore Minnesota (@exploreminn) Dec. 4, 2017
Alyssa Hayes, Explore Minnesota spokesperson, said control was restored around 4:30 p.m. CST, and while there appears to be no lasting damage to the agency or to its social media page, the hack was no small incident.
“It was a serious cyberattack against our Explore Minnesota page. We were working diligently with the actual team at Facebook headquarters for about nine hours yesterday to resolve the issue,” Hayes said. “We ended up gaining access at one point (but) the hacker had completely closed us off after we had addressed that.”
A Facebook spokesperson said via email that the company works “around the clock” to safeguard accounts and pages, but did not specifically discuss the Explore Minnesota incident. The spokesperson urged users who believe their accounts may have been compromised to visit facebook.com/hacked, or to report a hacked page at: facebook.com/help/contact/434468003315353.
Hayes praised MNIT for assisting the tourism agency in investigating the matter, and said the breach was something of a reminder that teamwork and swift action are essential during a hack.
“I’m not sure if it’s a lesson, but we do know that addressing these things as quickly as possible is very important and learning to lean on our allies, like our state partner agencies, like MNIT Services,” Hayes added.
Cambray Crozier, director of communications at MNIT, said the incident is proof that public agencies must continually do everything possible to guard their technology and online presence against bad actors.
“A good talking point is that they fend off more than 3 million attempted cyber attacks every single day,” Crozier said of MNIT’s state security operations center, noting that the Legislature declined to approve Gov. Mark Dayton's $27 million cybersecurity investment request during its last session.
“In our view this is a great example of something we’ve been advocating in the legislature, the importance of proactively funding better cybersecurity protection in our state and investing in advance in better tools including password managers to protect Minnesota and the people we serve,” Crozier said.
The communications director recommended via email that Minnesotans create “long and strong” passwords using letters, numbers and symbols that are unique to each account; use two-factor authentication if available; and “when in doubt, don’t click.”
“I think the most important thing to highlight is that, at MNIT, we think it’s tremendously important to have honest conversations about how technology is driving business and government in the state of Minnesota,” Crozier added, pointing out that residents’ private tax information, for example, must receive public protection from the state once they file their taxes.
It’s unclear how the hacker or entity may have gained access to Explore Minnesota’s Facebook account, but Hayes said the webpage’s relatively high number of around 226,000 followers could have attracted the unwanted attention.
“We’ve been in close discussion with the state of Minnesota IT services and their cybersecurity team. They’ve explained to us over and over again that this can happen to anyone,” Hayes added.
The tourism agency’s Instagram page has about 121,000 followers, while its Twitter account has around 58,000 followers — but in terms of connectivity, Hayes said Explore Minnesota’s Instagram runs first, having achieved more than 560,000 of the around 700,000 uses of the statewide travel hashtag #OnlyinMN.