Mark Zuckerberg's social media accounts have been hacked
Hackers say LinkedIn username and password dump made their work easy
Hackers have broken into and defaced Mark Zuckerberg's social media accounts.
The attackers, supposedly belonging to a group known as OurMine Team, broke into the Facebook CEO's personal Twitter, LinkedIn and Pinterest accounts (but not Facebook) and posted messages gloating of their success.
OurMine Team claimed that the hack was made possible by last month's vast dump of LinkedIn member details. Usernames and passwords were obtained during a hack in 2012 and subsequently sold on the dark web.
While LinkedIn took steps to invalidate the stolen credentials, it is possible that the hackers used information shared across multiple services - such as Zuckerberg's email address - to gain access to the accounts.
It is also possible that Zuckerberg has committed the cardinal sin of re-using passwords across different sites. This incredibly dangerous practice is one of the most commonly-cited security flaws, and is frequently criticised by security professionals.
Richard Parris, CEO of cyber security firm Intercede, warned that this breach should be very troubling to everyday users. "If Mr Social Media's accounts can be compromised, with all of the knowledge and resources he and his team have available, we should all be taking notice," he said.
He called for companies like Facebook and Twitter to adopt more secure forms of security, such as biometric or two-factor authentication.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"It's been demonstrated time after time that the simple username and password combination is a fundamentally flawed approach to internet security, but that is typically all we are offered to protect our identity and our data."
"It is time the organisations generating significant revenue from consumers stopped playing fast and loose with security and adopted more sophisticated approaches. They are available, they are easy to implement and they offer much higher levels of security. All it takes is a willingness on behalf of services providers to acknowledge that they have a duty of care to the consumers they serve."
Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.
Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.
You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.