It makes sense that Mark Zuckerberg – CEO and co-founder of Facebook – would have accounts on other social networks. How else could he keep up with the competition?
But that doesn’t mean he is that interested in keeping up standard security practices on non-Facebook properties. That lapse led to the weekend’s news headlines, which said that his Twitter and Pinterest accounts had been hacked.
OurMine Team is the group claiming responsibility for the attack; they said Zuckerberg’s Instagram account had also been hacked, but the young CEO confirmed that never happened.
“No Facebook systems or accounts were accessed,” according to a Facebook spokesperson. “The affected accounts have been re-secured.”
At the moment, no one knows for sure how OurMine Team managed to hack into the social accounts; the group claimed it was possible thanks to the LinkedIn password dump that was reported a few weeks ago.
In May, millions of LinkedIn user account details were leaked online; the company reacted by immediately invalidating the credentials and notifying affected members, urging them to reset their passwords.
If you’re wondering how the group used the LinkedIn credentials to hack into Pinterest and Twitter, the explanation is rather simple. As we all know, many people prefer to use the same password for different online services.
And surprisingly, Mark Zuckerberg is in that category. Twitter reacted quickly to the hacking; while this article was being written, Zuckerberg’s @finkd account had already been suspended and brought back after the offending tweet was deleted (Zuckerberg’s last tweet was in January 2012).
In the meantime, Pinterest was a little slow. Zuckerberg’s account was still clearly vandalized some time after the hack, but access was eventually regained by its rightful owner.
If you have a LinkedIn account, this story should be enough for you to go ahead and change your password there; better yet, change it everywhere else you have used it, for good measure.
According to online security experts, changing your passwords on all your online accounts should be a habit. And if you can’t be bothered to do that, at least avoid using the same password more than once.
Interestingly, Zuck’s Google+ account has remained intact during this time. It’s not clear if that’s because he used a different account and/or password there or if the group hasn’t bothered to check that forgotten land yet.