Facebook cofounder and CEO Mark Zuckerberg understandably has accounts on other social networks – it only makes sense to keep tabs on what the competition is up to. But that doesn’t mean he bothers to maintain standard security practices on non-Facebook properties. This weekend, his Twitter and Pinterest accounts were hacked. The group responsible, OurMine Team, also claimed to have gained access to his zuck Instagram account, though we were not able to independently verify this (Update: See below, his Instagram was not accessed).
We don’t know for sure how OurMine Team pulled off the hacks, but the group is claiming it was all thanks to the LinkedIn password dump from a few weeks ago. Millions of LinkedIn user account details leaked online last month — the company responded by invalidating the credentials and contacting affected members to reset their passwords. But the story doesn’t end there, because, as we all know, many people like to reuse the same password on different online services.
Including Mark Zuckerberg, apparently.
Ouch. Mark Zuckerberg's social media accounts have been hacked pic.twitter.com/KvVmXOIg5s
— Ben Hall (@Ben_Hall) June 5, 2016
Twitter was quick to react. While writing this article, we noticed that Zuckerberg’s finkd account had been suspended. Upon publishing, we learned that Twitter had already brought it back, with the offending tweet deleted (Zuckerberg hasn’t tweeted anything since January 2012).
Pinterest, meanwhile, still hasn’t done anything. The zuck account is still clearly vandalized (Update: Fixed).
This is the best reminder yet that if you have a LinkedIn account, you should go ahead and change your password there, and everywhere else. In fact, you should make it a habit to regularly change your passwords on all your online accounts. And if that is too much of a pain, at the very least, make a habit of using different passwords.
In case you were wondering, Zuck’s Google+ account is intact. It’s not clear if that’s because he used a different account and password there or if nobody has bothered to check it yet.
We have contacted Facebook for more information and will update you if we learn more.
Update at 5:55 p.m. Pacific: Facebook confirmed that Zuckerberg’s Instagram account was not accessed, despite the attackers’ claims.
“No Facebook systems or accounts were accessed,” a Facebook spokesperson told VentureBeat in a statement. “The affected accounts have been re-secured.”
You can't solo security COVID-19 game security report: Learn the latest attack trends in gaming. Access here