We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

After previously hijacking the social media accounts of multiple tech executives including Google’s Sundar Pichai, Facebook’s Mark Zuckerberg, AOL’s Steve Case, and Yahoo’s Marissa Mayer, hacker group OurMine set its sights on Twitter chief executive Jack Dorsey. It revealed today that not only was it able to post to his Twitter account, but it claimed to have gained access to his Dropbox folders where it alleges to have discovered evidence that Twitter is able to see your Vine passwords.

Twitter flatly denies this. A company spokesperson told VentureBeat that the screenshot is not an accurate depiction of the Vine admin site. “Our Vine admin site is restricted to Twitter IPs, is HTTPs, and never shows passwords in any form. We securely store our passwords per industry best practices,” we’re told in an emailed statement.

In a blog post today, OurMine states that Dorsey’s Dropbox contains “all Vine Files including picture of the control panel of Vine.” Furthermore, it posted a screenshot the group believes proves that those who have access to the panel “can see private information” and user passwords.

A screenshot of Vine's admin panel released by hacking group OurMine that claims to show Vine's admin panel allows Twitter to see unencrypted user passwords. Twitter has denied this.

Above: A screenshot of Vine’s admin panel released by hacking group OurMine that claims to show Vine’s admin panel allows Twitter to see unencrypted user passwords. Twitter has denied this.

Image Credit: OurMine

An individual claiming to be a member of OurMine was adamant that what the group had was the truth, saying all its Vine files were taken directly from Dorsey’s Dropbox account, including the control panel screenshot. What’s curious about this whole thing is: Why would Dorsey have live files relating to Twitter or even Vine stored on Dropbox?


Transform 2022

Join us at the leading event on applied AI for enterprise business and technology decision makers in-person July 19 and virtually from July 20-28.

Register Here

For more than a few weeks, OurMine has been taking over various individuals’ social media accounts, including Foursquare, Quora, and Twitter, all with a message promoting security. And while that may seem altruistic, it’s also selling its services saying that it can offer better protection. Other than the aforementioned individuals targeted, the group has gone after venture capitalists Mark Suster and Vinod Khosla, Spotify founder Daniel Ek, former Facebooker Randi Zuckerberg, Amazon chief technology officer Werner Vogels, and actor Channing Tatum.

While the group is targeting CEOs and celebrities, don’t think you’re immune. If possible, use two-factor authentication and be aware of what services are connected with your accounts to avoid any compromising security risks.

Updated on 9:49 a.m. Pacific on Wednesday: Dropbox has issued a statement claiming that its service wasn’t hacked: “There was no compromise of Dropbox and we are not aware of any Dropbox vulnerability or exploit. As usual, we strongly encourage users to use unique passwords and enable two-factor authentication. We recently issued a blog post with tips on how to keep safe online here.”

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.