My Facebook Was Hacked: Lessons Learned [Postmortem]

In Sept of 2022, my Facebook (FB)/Meta account was hacked. Talk about keeping someone on their toes. It’s never easy to deal with a Facebook hacking. I place the onus and liability on myself and Facebook.

Struggles When My Facebook Was Hacked

Facebook has some dead end pages that they continue to share to this very day that lead to nothing but a 404 Error page and frustration for the user. This is part of the problem. When an organization shows this level of disconnect, aloof, careless behavior, and irresponsibility to creating easier accessibility for support, it’s a sign of internal C-Suite level disrespect of users and their well-being.

Being hacked can happen to anyone but how we handle our security and data positions us in a better situation regardless. When my Facebook was hacked I was fortunate to be in my account to not only minimize the disaster; I was able to witness first-hand to witness the Shenanigans unfold.

Lessons Learned

While the experience wasn’t an enjoyable one, it taught me a few valuable lessons about the importance of both Facebook & online security that I wanted to share with you. 

1. Stay Calm

The whole experience was tough, but I was able to stay calm and collected. I didn’t let the hacker get me rattled, and I didn’t react angrily. I handled the situation professionally, which ultimately helped me get my account back on track. I was hella annoyed with myself, but more on the difficulty that still, in freaking 2022, exists in contacting “Support” from the Facebook platform.

With all the issues this organization is constantly having, to force users to jump through hoops and hide the contact actions is ridiculous. Also, to have certain features only on desktop or hidden in Business accounts is a sign that they don’t care or want to be held accountable to help take action. So the bulk of the responsibility will remain with the user.

That’s not and should never be the case. You create a platform; create a way to resolve issues without overwhelming frustration and harm being caused to the user. This creates a buffet of access and lead time for hackers.

2. Be Vigilant

Make sure you’re always aware of your Facebook account and who has access to it. Don’t rely on friends to be your sole source of security, and be sure to set up a strong password. I don’t even add friends or family to my account as a source of security. What if they get hacked? How will that help me? One of the first things I did after I realized my Facebook was hacked was change my password on the spot. The good news is that I already had 2-factor authentication (2FA) enabled that forced anyone attempting to sign in to use the device I have to gain access. 2FA is a security feature that requires you to enter not just your password, but also an additional code sent to your phone or another device or app. If your account has been hacked, this code would be required, preventing anyone from randomly logging in.

3. Be Prepared

I also made sure to keep up to date on the latest security measures and I quickly logged out of all devices. The security measures I had enabled also quickly logged me out and forced me to validate who I was. But the added bonus was that I was near my laptop to help expedite my actions and open multiple tabs to help investigate what was happening. I also took a recording of my actions when responding to what I thought was a legit communication. Based on my attempts to validate, the hacking occurred. Knowing that I was not a heavy user on my account, it was easy for me to track the fraud activities and delete immediately. 

4. Don’t Be Scared; Contact Facebook

If you notice your Facebook account has been hacked, the first thing you should do is contact Facebook. As Facebook loves to play the shell game with their contact info and the chat may be only available to business accounts on Weekdays, I’ll share with you how I bumped into this and how to access them as of Sept 2022.

In Personal Ads Manager, I went into settings and did the following:

• I confirmed if the hackers added themselves to my account;
• I clicked on the Help icon on the bottom left-hand side of the browser window;
• A window/drawer slid open on the right-hand side;
• There is an option to create a support case via chat. Here is where you’ll break down what happened;
• You’ll see a “checklist” of action steps/timeline of what is happening; and
• You’ll then be transferred to a chat with a Support agent and can hash things out that way.

They will be able to help you regain access to your account, remove hackers from your account, remove restrictions, and remove any suspicious posts. If you ever experience a security issue with Facebook, don’t be afraid to reach out to them. Stay calm – even if you’re annoyed by the lack of ease of reaching them. They can be helpful, and I was able to get my account back in order within a few days. The issue isn’t the direct people you’re speaking with but rather the system that has been created to “support” users. Try not to take out your frustrations with the person who’s trying to help.

5. Deny Access

If you suspect that someone has hacked into your Facebook account and is using it without your permission, deny that ass access. This will prevent them from making any further posts or changes to your account. This can happen automatically if you log out of all devices and start fresh from the current device you’re using. Also log out if you’re not using the account and have Facebook contact you immediately via email or text or both if there is a login made to your account(s). This will send you the general location and device that accessed or attempted to access your account.

6. Delete Posts

If you have been hacked, it’s important to delete any posts that were made without your permission. This will help Facebook to identify and remove any malicious posts from your account. As I was in my account I saw multiple notifications rapid fire that videos were being posted and immediately FB/Meta responded with violation notifications. After a popup that my account was locked, and I had to re-login, I went through the steps of verification. Once I cleared all signed in devices, I saw the violating posts and deleted them. FB/Meta already stopped them from circulating, but I took it further and deleted them. The bums even changed my profile to some random shit that was not a language I spoke, and I reclaimed my profile and made two posts notifying my network of the breach. Immediately I had “folks” reply that they knew “companies” that would help me reclaim my account. Either they were phishing to help the hackers or they were spamming their own “companies”. I shut that mess down and told folks that not only I was not in need of a “company” to help, but I was proactive with some security measures that helped stop a complete take-over of my account that I’ve had for all these years.

7. Change Your Password

I can never stress enough the importance of having your password in a few secured spaces and making them memorable to you but difficult to “figure out” by hackers. Remember, hackers have all the time in the world to mess with folks. Make sure to change your password as soon as possible after your Facebook account has been hacked. This will help to secure your account and keep any malicious individuals out. Facebook can do better in helping account owners who are under attack remove hackers from their accounts. This helps to draw out the frustration and make things worse than they need to be. Do better Meta.

8. Be Aware of Your Facebook Privacy Settings

Even though my FB/Meta account was hacked, I was able to quickly regain access and things were frozen on some aspects. Be aware of your Facebook privacy settings and enable settings that not only force a verification via ID or 2FA, but ensure that all activities are paused until you can regain control. Verification is the primary concern you should have for any social or online account as this can either lock you out or lock out intruders. Organizations like FB/Meta that offer a ton of “free” services are not putting that much effort in protecting you, so you have to take due diligence in protecting yourself. After I spoke to the Support Agent, I told them about the email and sent a screenshot of it, so they can be aware of what is circulating to their users. This helps many organizations that have Cybersecurity safety measures in place as they track the different methods being used to gain access to user data.

The Rundown

Securing your social media accounts like Facebook begins before you get hacked. The amount of preemptive steps you can take will minimize a full takeover of your accounts and allow you to pinpoint quickly when a breach happens and help these platforms track down the violators.

These lessons learned after my Facebook was hacked should help you to stay safe and secure on Facebook and any social media platform. What steps have you taken to protect your Facebook account in the past? These lessons have helped me regain my account and secure it on Facebook, and I hope they will help you as well. If you have any questions or comments, please feel free to share them in the comments.