Cyber Incident Victim: SPÖ Müllendorf
Date: Apr 2024
Location: Austria
Summary
The SPÖ Müllendorf Facebook page was compromised and renamed to "BOT AI 136" after attackers gained unauthorized access to an administrator's shared Business Account, which also managed a separate company page. The party's page was collateral damage: the attackers targeted the business page linked to the same account. Prior attempts to migrate the political page to an independent Business Account had failed due to restricted access rights. The party confirmed no engagement with suspicious links and emphasized awareness of such risks. A replacement page is currently being established and updated to restore their online presence.
Description
On April 1, 2024, the SPÖ Müllendorf political party confirmed its official Facebook page had been compromised in a hacking incident. Attackers altered the profile name to "BOT AI 136," rendering the page unusable for legitimate communications. The compromise occurred through unauthorized access to the Business Account of an administrator responsible for managing both the SPÖ Müllendorf page and a separate business page. Forensic analysis indicated the attackers specifically targeted the business page, with the political party’s page becoming collateral damage due to shared administrative infrastructure. The party clarified no SPÖ representative interacted with suspicious links, emphasizing their awareness of phishing risks. Prior security concerns had emerged months earlier when attempts to migrate the SPÖ page to a dedicated Business Account failed due to restricted access permissions within Facebook’s administrative system, leaving both pages vulnerable under the shared account.

The incident necessitated the creation of a replacement Facebook page, which the party began reconstructing immediately after the breach. Operational disruptions included the loss of historical content and follower connections tied to the original page. No evidence suggested data exfiltration or secondary compromises beyond the page takeover. SPÖ Müllendorf’s public statement highlighted the indirect nature of the attack, reiterating that the hackers’ primary objective was the business page linked to the administrator’s account. Recovery efforts focused on restoring communications capabilities through the new page while addressing unresolved administrative vulnerabilities in Facebook’s Business Account structure. The party did not disclose whether law enforcement or Meta’s security teams were engaged in investigating the breach.
