Facebook Hacked?

Facebook Hacked? a reader asks…

My Facebook account has been hacked. I think someone managed to guess my password, and logged into my account, then changed the password and email address. I can no longer log into my own Facebook account. I’ve tried using https://www.facebook.com/hacked and https://www.facebook.com/help/203305893040179 but have not been successful at regaining access to my account. I’ve reported that my account was hacked numerous times but Facebook (the company) has done nothing. What else can I do?

Short answer, not much other than what you’ve already done. Since you pay nothing to Facebook for the social media service, you have no guaranteed rights to any Facebook account, not even one you created. In effect, you are the thing being sold, since any business has to make money. Facebook sells to advertisers who then market you, trying to get you to spend money. This is the business model you agreed to when you created your “free” Facebook account. Facebook has no real motivation to help you – as long as someone uses a Facebook account, they can continue to make money.

I think it’s sort of sad that you went through the account recovery process and it didn’t work for you. Search the internet and you’ll see this same story played out by many other people. Facebook hasn’t made it at all easy to recover hacked accounts, and doesn’t appear to really care very much about this problem (other than saying they do – they don’t back it up with any real action).

Fyi, all online accounts depend on a set of credentials (username and password) for identity validation. Accounts are only as safe as you make them (using strong and unguessable passwords, and not leaving those passwords around where someone can get them).

Many online services have added two-factor authentication to tighten up security. Facebook did this some time ago, but never made it mandatory, nor did (in my opinion) a good job of encouraging Facebook users to enable it. Had you enabled two-factor authentication when you had access to your account, you could have been better able to prevent someone from hacking your account. I’ve tried to tell folks about using two-factor authentication (see my articles here and here for example), but for many people, they just don’t want to bother.

At this point, your best bet is to abandon your old Facebook account and create a new Facebook account. I highly recommend when you create a new account, you secure it with a strong (e.g., long – over 15 characters) password, and also enable two-factor authentication. While there, use all the available resources to help secure your account including creating recovery codes and adding a backup method to log into your account.

Once you have your new account set up, make friends with everyone you remember, and let them know that the account you formerly has was hacked. You can also access that old account’s profile and report it, although I doubt that’ll do much good. You should urge your friends to “unfriend” that old account.

More and more people are coming to the realization that “free” isn’t really free. I hope you are coming to this conclusion and will help spread the word. It’s ok to use “free” social media services, but you should be aware of what the true cost of this is. And also please, help spread the word to your friends that they should all use two-factor authentication to help secure their accounts and make it harder for hackers to steal them.