Over the past weeks a wave of social media breaches has targeted public figures and organizations in Britain and beyond, highlighting how easily trusted accounts can be misused. The incidents involved several high‑profile profiles, including the official pages of British Justice Minister Shabana Mahmood and Labour MPs Chris Elmore and Caroline Harris. The World Health Organization, Lenovo’s India division, and the British cooking program Great British Menu were also compromised. In each case the hackers posted identical messages promoting cryptocurrency offers before the posts were removed. Reuters reports that the scale and speed of the breaches show a coordinated effort to weaponize trusted accounts and steer followers toward fraudulent crypto schemes.
Near the end of August another incident drew attention to the vulnerabilities of the platform X, formerly known as Twitter. The official X account of French footballer Kylian Mbappe was briefly used to publish offensive messages on his behalf, which were later deleted. The posts targeted Tottenham Hotspur and elements of Israeli politics. The episode underscores how attackers exploit the credibility of public figures to spread provocative content quickly, then remove traces to avoid detection, a pattern security observers say is increasingly common on social networks.
Security experts say these cases reveal a persistent vulnerability across social networks. Criminals are drawn to platforms where verified accounts carry authority, and crypto scams are a common lure because they promise quick returns and require little effort from followers to engage. When users click through, risk increases: credential harvesting, malware installation, or unauthorized access to other services is possible. Third party apps connected to accounts can provide extra backdoors, allowing intruders to post from inside and evade basic protections.
Recovering control after a breach requires swift, disciplined steps. The immediate priority is to sign out of all devices and review recent activity. Change the account password to a strong, unique passphrase and enable two factor authentication using an authenticator app or a hardware security key. Verify and update recovery options, confirm the linked email and phone number are correct, and revoke access for unfamiliar third party apps and sessions. Review login history, sign out of active sessions, and enable login alerts so unusual activity triggers notifications. If the account remains under attackers’ influence, contact the platform’s help center and follow its official recovery process. For brands and public figures in North America, it also helps to communicate transparently with followers about the breach and the steps being taken to restore security.
North American organizations, brands, and public figures should adopt a proactive security posture. Enforcing two factor authentication, conducting phishing awareness training for staff, and maintaining an incident response plan can reduce the risk of future breaches. Regular audits of connected apps, careful management of recovery methods, and clear crisis communication channels help protect reputation and trust. The recent hacks remind those with online visibility that resilience relies on constant vigilance, rapid response, and practical safeguards.