Facebook CEO Zuckerberg's Twitter, Pinterest accounts compromised!
The hacker group from Saudi Arabia, dubbed OurMine, claimed responsibility for the hack and guess how the group did it?
The man who runs the biggest social network and continuously implements new security measures to boost its billion users security, himself failed to follow basics of Internet security.
Yes, I’m talking about Facebook CEO Mark Zuckerberg, who had his Twitter and Pinterest accounts compromised on Sunday.
The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts.
Troy Hunt, an independent researcher who operates "Have I Been Pwned?" site, reached out to a number of the victims who confirmed to Hunt that the leaked credentials were legitimate.
Since the passwords have been initially encrypted with the SHA1 algorithm, with "no salt," it just took 'LeakedSource', the paid search engine for hacked data, 72 hours to crack roughly 90% of the passwords.
The group, which has more than 40,000 Twitter followers, then successfully broke into Zuck's Twitter (@finkd) and Pinterest profile and defaced its banners with its logo as well as tweeted out some offensive posts.
So, this might be another alarm for those who haven’t yet changed passwords for their LinkedIn as well as other online accounts that used the same credentials.
In tweets now deleted, the group also claimed to have gained accessed to Zuck’s Instagram account, but Facebook confirmed that the group did not access his Instagram account.
Anyway check your email if you are also pwned!! Change password immediately!!
visit : https://haveibeenpwned.com/
The man who runs the biggest social network and continuously implements new security measures to boost its billion users security, himself failed to follow basics of Internet security.
Yes, I’m talking about Facebook CEO Mark Zuckerberg, who had his Twitter and Pinterest accounts compromised on Sunday.
The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts.
Troy Hunt, an independent researcher who operates "Have I Been Pwned?" site, reached out to a number of the victims who confirmed to Hunt that the leaked credentials were legitimate.
Since the passwords have been initially encrypted with the SHA1 algorithm, with "no salt," it just took 'LeakedSource', the paid search engine for hacked data, 72 hours to crack roughly 90% of the passwords.
The group, which has more than 40,000 Twitter followers, then successfully broke into Zuck's Twitter (@finkd) and Pinterest profile and defaced its banners with its logo as well as tweeted out some offensive posts.
Mr. Zuckerberg has not sent a tweet from the account since 2012.
Now, what’s more surprising?
Zuckerberg's LinkedIn password was "dadada", which he also used for his other online accounts, the group tweeted.
So, this might be another alarm for those who haven’t yet changed passwords for their LinkedIn as well as other online accounts that used the same credentials.
In tweets now deleted, the group also claimed to have gained accessed to Zuck’s Instagram account, but Facebook confirmed that the group did not access his Instagram account.
Anyway check your email if you are also pwned!! Change password immediately!!
visit : https://haveibeenpwned.com/
No comments
Post a Comment