Mark Zuckerberg Twitter and Pinterest hacked, apparently after login exposed in LinkedIn data dump
The passwords appear to have come from a database that was stolen in 2012 – since when the Facebook boss’s Twitter account has been dormant
Mark Zuckerberg has been hacked on almost every social network apart from his own.
Cyber attackers broke into the Facebook’s boss’s Twitter and Pinterest accounts and posted messages celebrating their success. They appear now to have been restored.
According to messages that the hackers posted on the accounts before they were deleted, they got in using passwords that had been exposed as part of a huge LinkedIn data dump. Those passwords were stolen in 2012 but were made public last week, when they were found to be sale online to anyone with the money to buy them.
The hackers got hold of that database of logins and presumably used that same password to get access to the Twitter account, if the tweets posted to Mr Zuckerberg’s account are to be believed.
“You were in Linkedin Database … DM for proof,” the hackers, identifying themselves as OurMine, posted on Mr Zuckerberg’s Twitter account. They also changed the name of his Pinterest account to “Hacked By OurMine Team”.
the hackers also claimed to have got into Mr Zuckerberg’s Instagram, but Facebook has denied that they got into that or any other system owned by the company.
Mr Zuckerberg created his Twitter account in February 2009 and has almost half a million followers, but has only sent 19 tweets – the most recent of those was in January 2012, and all of the rest come from 2009.
It might be that disuse of the account that led Mr Zuckerberg’s account to be targeted. The data in the leak comes from 2012 – the same time as his last tweet – and presumably the password has remained unchanged since then because the account hasn’t been accessed.
Cyber security experts usually advise that people use different passwords across sites – potentially keeping them in a password manager – as well as changing them fairly regularly so that if passwords are stolen they’ll be out of date.
Twitter also uses widely-recommended two-factor authentication technology, which requires that people looking to get access to an account also have access to a registered phone number. But that was added in the time since Mr Zuckerberg's most recent tweet.