Museums want to go where their audience is. And that includes Instagram. For many museums, the social media platform is therefore an important communication channel – but also a security vulnerability. In recent weeks, the Instagram accounts of various institutions have been hacked, particularly in the Swabian region.
The Kunstmuseum Stuttgart issued a warning at the beginning of February this year: its Instagram account had apparently been hacked by criminals. But what is their aim in stealing data? Instead of information about the museum, a request to click on a number appears. The museum therefore warned on its website and social media channels: “Please do not click on the WhatsApp number provided”. “We have no control over what happens when you contact this number,” says Isabel Kucher, the museum’s spokesperson. She was the first to realize that the account had been hacked and that the museum no longer has any influence over what is published there.
“Fortunately, we were able to post the warning ourselves,” reports Isabel Kucher. The State Office of Criminal Investigation took care of the matter. The account has been reactivated since last Saturday. “We received a message from Facebook that we could take the account back and then introduced two-factor authentication.” The art museum also contacted Meta, the operator of Facebook and Instagram. Kucher has a suspicion as to why hackers were interested in the art museum, which is not a company but an educational and cultural institution: “Hackers only see that an account has a lot of followers.”
Dangers of cyber attacks
Museums are places of images and communication – so it is hardly surprising that most art institutions are now on the Instagram photo platform, where they also reach an audience that does not necessarily consist of traditional museum-goers. Several museums whose Instagram accounts have been hacked are currently finding out that this online presence also carries the danger of cyber attacks. Stuttgart is apparently not an isolated case, as something similar has also happened to the Kunstmuseum Ulm and the Schauwerk Sindelfingen.
The takeover of the accounts
The museums affected had follower numbers in the four-digit range, which is still quite modest by influencer standards. Nevertheless, an art museum loses important communication channels and years of work if an account cannot be restored. The takeover of the accounts is apparently linked to a private message that purports to come from Instagram and claims to confirm the verification of the account. As with Facebook and Twitter, a public person or institution can “prove” the authenticity of its profile on the platform with a blue tick.
Beware of phishing links
According to the Kunstmuseum Stuttgart and the Schauwerk Sindelfingen, the museums had indeed previously requested such a tick. However, the link provided in the message was apparently a so-called phishing link, and clicking on it granted the hackers access to the profile. Messages with suspicious links were also sent to followers from the accounts of the affected institutions. The institutions warn against opening these messages. For example, the Museum Ulm asks on its website that any messages about the account be reported directly to Instagram as suspicious or harmful. The Hamburger Kunstverein, whose profile was also hacked, lost contact with 20,000 followers at the beginning of February.
Profile thefts are widespread
The profile thefts fit familiar phishing patterns that are widespread in cybercrime. The perpetrators prefer to send phishing messages through the chat function built into the respective apps, for example Instagram’s ‘Private Message’ or Facebook’s ‘Facebook Messenger’. However, phishing messages are also sent by email or via other messenger services such as WhatsApp.
Outside the access of those responsible
Authentication requests from platform operators are often imitated in order to ask those affected to “verify” their data and redirect them to phishing pages. The Instagram profile of the Berlin photo center C/O (around 94,000 followers) was also hacked at the beginning of the year and was out of the reach of those responsible for around a week. “It’s an unpleasant situation because you don’t know whether content is being spread through the account that we have nothing to do with,” says Magnus Pölcher, Head of Communications at C/O Berlin. “That can be very damaging to an institution’s reputation.”
The public is also on Instagram
For the exhibition venue, however, the story ended on a light note. The team called in a media lawyer and made persistent efforts to contact Instagram and Meta. In the end, the requests were successful and the company restored the account including all followers. Since the coronavirus lockdowns and the increasing shift of museum content to the internet, there has been growing discussion of the problem that public institutions, through their digital activities, are making themselves dependent on private companies such as YouTube, Meta or TikTok, which are difficult to reach in the event of damage. However, proposals for better-protected platforms run by the museums themselves have not yet been implemented on a large scale. In addition, many players would probably find it difficult to do without Instagram. After all, museums increasingly want to go where their audience is. And that is largely on Instagram.












