Buffer Hack Spams Social Media Followers

Buffer Hack Spams Social Media Followers

Often the greatest concern for small businesses when it comes to online security is the safety of pass codes and other sensitive account and business information. There is also the security of your customers’ and clients’ information to consider.

However, in a recent attack on social media manager Buffer, something even more important may have been taken — many small business’ reputations with their communities.

Buffer is a service that allows you to schedule social media posts across a variety of platforms including Facebook, Twitter and LinkedIn and get access to analytics that help you find the best times for those posts.

So far so good. But recently, hackers apparently managed to gain access to more than 30,000 Buffer members’ accounts. Once in, they substituted a link to a weight loss site for the posts many Buffer users had already created and scheduled for their followers.

The result was that many users ended up inadvertently spamming their own fans. That’s right – it looked to fans and followers as if these individual users had simply sent out spam posts to their communities.

Founder and Chief Executive Officer Joel Gascoigne was quick to apologize and commiserate with members. On the official Buffer blog, Gascoigne wrote:

I wanted to post a quick update and apologize for the awful experience we’ve caused many of you on your weekend. Buffer was hacked around 2 hours ago, and many of you may have experienced spam posts sent to you via Buffer. I can only understand how angry and disappointed you must be right now.

Before long, Gascoigne was able to report that the access used by hackers to penetrate Buffer’s security had been found and the glitch had been eliminated.

The company does not believe any user data was compromised.

It’s great Buffer’s team was able to resolve the problem quickly. But it’s hard to imagine anything worse than inadvertently spamming your own community, eroding the trust it has taken you so long to build.

Spam Photo via Shutterstock


Joshua Sophy Joshua Sophy is the Editor for Small Business Trends and the Head of Content Partnerships. A journalist with 20 years of experience in traditional and online media, he is a member of the Society of Professional Journalists. He founded his own local newspaper, the Pottsville Free Press, covering his hometown.

8 Reactions
  1. This is a scary thought! The fact that someone can just come in and take in an instant what you have worked so hard for your entire life makes me lose sleep.

  2. True that it is scary. But I think that if your followers know you well enough. They will know that something is wrong. If you are not the type who sends random links to them, I am pretty sure that they’ll wonder what happened to your account when something like this happens. They might even ask you if someone hacked your account.

    • I like your comment “if they know you well enough”.

      If we manage our Social Media correctly, all of our followers KNOW us Well enough and will dismiss these problems. On Social Media the quality of the Engagement outweighs Quantity of Followers

  3. I’ve received an email from Buffer explaining and apologizing for the whole situation. They handle the incident really well – so kudos.

    About the hack – well, unfortunately, there are always risks of security breach even in a very secured systems. Hackers are very good at solving IT security puzzles. That’s why big firms are eventually hiring hackers to consult them about the security of their IT system.

  4. People who don’t understand social tend to think of a social network as a kind of personal trophy.

    I cringe whenever I hear someone say “I’ve got 500+ connections on LinkedIn!”. It reminds me of Sally Fields’ Oscar acceptance speech. (“You like me…right now you like me!”).

    We give some awesome tips on our blog relating to this topic.
    Check us out – http://blog.peoplelinx.com