Photographee.eu - Fotolia
A hacking group based in Saudi Arabia claims to have compromised the Twitter, Instagram and Pinterest accounts of Facebook founder and chief executive Mark Zuckerberg.
The group known as OurMine claimed responsibility in a tweet that has since been removed that said they were “just testing” his security, and invited him to contact them.
Developer Ben Hall tweeted a screenshot of Zuckeberg’s hacked Pinterest account that appears to indicate the compromises were linked to the 2012 breach of the LinkedIn database.
Initially, 6.5 million LinkedIn accounts were thought to have been compromised, but in May 2016 it emerged that 167 million LinkedIn account details, including 117 million username and password pairs were for sale on the dark web.
The hackers also appear to be implying that Zuckerberg had used the same password for multiple social media accounts, which is extremely poor security practice.
Security experts continually emphasise the importance of having unique passwords for every online account so that if there is a compromise of one account, no other accounts are affected.
Twitter immediately suspended OurMine’s Twitter account and removed the group’s tweets from Zuckerberg’s account, including his apparent response: “No you didn’t. Go away skids” shown in screenshots posted by Endgadget.
Read more about password security
- A report of a cache of millions of stolen webmail credentials could finally drive morewidespread adoption of two-factor authentication (2FA) say security experts.
- Here are five steps to ensure stronger passwords and better authentication to reduce the threat of business data theft.
- Yahoo Account Key uses push notifications to provide a fast and secure way to access Yahoo accounts from a mobile device.
- The Fido Alliance takes another step closer to defining a standard web-based API, as industry support for its password-killing standards gains momentum.
Pinterest also cleaned up Zuckerberg’s hacked profile page, but not before social media was filled with screenshots of his hacked account.
A Facebook spokesperson told VentureBeat that Zuckerberg’s Instagram account was not breached, despite the hackers’ claims.
“No Facbeook systems or accounts were accessed. The affected accounts have been re-secured,” the spokesperson said.
Although Zuckerberg has thousands of followers on Pinterest and Twitter, the accounts are hardly used, with only three posts on Pinterest and the last tweet dating back to January 2012.
Zuckerberg is no stranger to social media account compromise, with his Facebook account compromised by apparent hacktivists in 2011 and by a frustrated researcher trying to report a security flaw in 2013.
OurMine is a small group of teenage hackers based in Saudi Arabia, according to a report by Softpedia.
Cloud security firm Akamai profiled the group in 2015, noting that the group had graduated from defacing and hacking social media accounts to distributed denial of service (DDoS) attacks on financial institutions.