It’s a bad week to manage social media for a major airline. American Airlines is contending with the fallout from a threat Tweeted by a 14-year-old Danish girl, who has since been arrested. Teens around the world, seeing the amount of attention she’d received, have since started directing similar messages at American and other airlines, including Southwest.

It looked like that would dominate the social media news of the day, until US Airways tweeted a shockingly graphic image on its official social media handle. The airline apologized, saying its team was trying to flag the Tweet as inappropriate, but somehow managed to send the image to a customer complaining about a delay. Twice. And US Airways left the image on its feed for over an hour.

Predictably, the Twitterverse had a field day with the error, with the amount of chatter about the misstep eclipsing the announcement of the winners of the Pulitzer Prize.

But it’s no laughing matter for US Airways. As of this writing, US Airways had not Tweeted in 19 hours. Putting aside the deeply disturbing nature of the image it shared, it made some huge mistakes that should be addressed as the company’s investigation continues.

Check your links. Especially if you use a link shortener like bitly that doesn’t make it immediately clear what link you’ve shared. Take two seconds before sending or scheduling to make sure you’re sending your audience to the correct place, and not to that Grumpy Cat meme you shared on your personal Facebook account during lunch.

Check your accounts regularly. It’s unbelievable that a pornographic image stayed on an account with as many followers as US Airways for more than an hour. The @-replied to the airline must have been flying as soon as the message was shared. Why didn’t anyone at the airline immediately remove the post? Crafting an appropriate response to a gaffe of that magnitude takes time—fixing the immediate problem should have taken no more than five minutes.

Prepare for anything—and we mean anything. We’re starting to feel like a broken record, but: Crisis planning. It’s part of your organization’s traditional media strategy and it needs to be a part of your social media strategy. In the age where institutions like the New York Times and Twitter itself regularly see their websites hacked, it’s not outside the realm of possibility that inappropriate or threatening content could be posted on your website or social channels. Have a plan in place on how best to move forward.