Skip to main content

What We Learned from the Hack of Disney’s Instagram (And, How You Can Avoid It)

July 21, 2022

The “Happiest Place on Earth” was hacked. Well, its Instagram and Facebook accounts, anyway.

During the early morning hours of Thursday, July 7, Disneyland’s social media accounts published several posts containing both racist and explicit language. The posts were a far departure from the uplifting and whimsical content Disneyland typically shares with its more than 25 million followers combined between the two platforms.

The accounts were eventually recovered from the hacker and posts deleted but the harm to Disney’s brand may last much longer.

So, what does that mean for other brands – behemoth and beginning alike? First, an online attack can happen to anyone. Second, account owners must be prepared both offensively and defensively. A Disney spokesperson told reporters that they worked quickly to secure their accounts in response to the problem but that begs the question of whether their accounts could have been more secure before the hack?

Here are a few tips to better secure your social media accounts:

  1. Create a unique strong password. (Think more than 10 characters and uncommon letter combinations).
  2. Use multifactor or two-factor authentication for all accounts.
  3. Do not save your password to devices, which are not password-protected or are commonly accessed by others.
  4. Purchase a cyber risk insurance policy that is appropriate for your brand’s unique risks.

This blog post was drafted by Natalie Soas Washington, an associate in the Dallas, Texas, office of Spencer Fane. For more information, visit