As a cybersecurity professional getting hacked on a personal level is a big slap in the face. I am suppose to be the guy telling people how not to get hacked. Well I am still that guy. Recently I found out that my personal/professional Facebook account got locked. Apparently it got locked back in mid October of this year and I never noticed (I don’t get on Facebook a lot). I was able to get back into my account in less than 5 mins and with full control. Here is what happened.
My Short Story
The other day my wife noticed that she could no longer see my Facebook account or tag me in anything. I was like well that is weird but didn’t really put a high priority to it because well it’s Facebook. The truth is though that my Facebook account is quite valuable to me and to clients because I have high level access to Meta business suites. I kinda expect people to try and hack my account because of this.
I finally got around to logging into my account at the end of the day and Facebook was like we locked your account because someone has been trying to access your account. Well because I had 2FA turned on I was able to go through some very simple steps and regain control of my Facebook account. I also had multiple email addresses attached to my account which I have access to so it was easy to verify myself quick. I didn’t see any signs of someone actually getting into my account, but I would bet someone tried really really hard.
The lesson here is that it is always better to be prepared for attempted account take overs than to be reactive to them. Enable 2FA, have back up emails, and just use every security tool that a site gives you to protect yourself. Do all of this before you become a target not after.