It seems a prominent politician’s Facebook account has been hacked, leading to an embarrassing series of screenshots going public. Sounds familiar, doesn’t it? Lovely Warren is in hot water, again. This time for allegedly sending out a scathing FU message to someone on Facebook – none of the reports are saying to whom the message was sent. The official response? Oh, man:

The mayor’s office says that there are several people who have access to Warren’s official and personal accounts, and she is working to see where the message in question came from.

Here is the portion of the conversation attributed to Lovely Warren’s account:

A portion of the conversation which has been attributed to Lovely Warren's account.

A portion of the conversation which has been attributed to Lovely Warren’s account.

She has since shut down both her personal and official accounts “until further notice.” So, let’s ask a few basic forensic questions.

7 Questions for Lovely Warren

  1. According to the screenshot, this appears to be a Private Message on Facebook. To whom was this message addressed?
  2. Let’s not assume anything. Do we even know that the offending message was sent from Lovely Warren’s account? Just because the Mayor’s Office says it is so? All that I see is a “chat head” with Warren’s picture on it?
  3. If indeed it was sent from a Lovely Warren account, from which account was this sent? Her personal account or the Fan Page?
  4. If it was her personal account, Facebook keeps a record of every IP address and login, including the “user agent,” or the software being used to access the account. Has this been checked? Or not?
  5. If it was her Fan Page, these types of accounts are not allowed to message someone directly unless they’ve been written a message by that fan first. Most Fan Page admins disable messaging primarily for this reason. Why was this option not disabled on Lovely Warren’s Fan Page?
  6. Fan Pages can also have multiple editors: any number of people can use the Page and post messages. Facebook has a good breakdown of which user roles can do what, and not all of them can send messages. Are all her editors administrators?
  7. Every editor’s activity can be logged, since they’re separate user accounts. Was none of this done with the Lovely Warren Fan Page? Was everybody just logging in as Warren to access her public page?

I could prattle on about the security aspects of this. Unsecured accounts and all that. Update: There are also legal questions, which I address here. How many more and how many mission critical accounts are sharing passwords? But really, this is just dumb, dumb, dumb social media flub for which the Mayor’s Office and Lovely Warren herself need some organized answers, soon.

Because I’ve done a small amount of advertising on Twitter, I’m part of their Twitter for Business mailing list. On that list, they asked me to be part of a survey about how I do my business and how I interact with social. You know, the typical stuff. In exchange for participating in the survey, I was offered a $10.00 payment to my PayPal account. Awesome! A little extra change, maybe for a little extra advertisement.

Today, I received my payment. And then, shortly thereafter, I received my payment. Again.

Being away from the office, I didn’t have a chance to check my balance to see if I’d just gotten the email twice or had, in fact, gotten a double payment. Then I just received this email:

Hi,

We need your help!

You may have accidentally received two $10.00 payments for the Twitter Businesses’ Social Media presence study from March 3rd to March 7th. If you have received a duplicate payment, if you could please refund it back to us that would be great! We made a mistake here and really appreciate your help. This was sent by Hugh@oneopinion.com. If you have any questions or need help, please e-mail us at memberservices@oneopinion.com. Thank you so much for your help here and have a great day!

Best,

The OneOpinion Team

Best,

Emily

So, does Hugh still have a job, or what? There’s got to be a lot of advertisers, and that’s a lot of money to double pay. Lucky for all involved, I’m an unnecessarily honest man. Besides, who needs that kind of bad Karma?