Mark Zuckerberg Twitter and Pinterest hacked, apparently after login exposed in LinkedIn data dump

The passwords appear to have come from a database that was stolen in 2012 – since when the Facebook boss’s Twitter account has been dormant

Andrew Griffin
Monday 06 June 2016 09:34 BST
Comments
Facebook founder Mark Zuckerberg
Facebook founder Mark Zuckerberg

Mark Zuckerberg has been hacked on almost every social network apart from his own.

Cyber attackers broke into the Facebook’s boss’s Twitter and Pinterest accounts and posted messages celebrating their success. They appear now to have been restored.

According to messages that the hackers posted on the accounts before they were deleted, they got in using passwords that had been exposed as part of a huge LinkedIn data dump. Those passwords were stolen in 2012 but were made public last week, when they were found to be sale online to anyone with the money to buy them.

The hackers got hold of that database of logins and presumably used that same password to get access to the Twitter account, if the tweets posted to Mr Zuckerberg’s account are to be believed.

“You were in Linkedin Database … DM for proof,” the hackers, identifying themselves as OurMine, posted on Mr Zuckerberg’s Twitter account. They also changed the name of his Pinterest account to “Hacked By OurMine Team”.

The hackers also claimed to have got into Mr Zuckerberg’s Instagram, but Facebook has denied that they got into that or any other system owned by the company.

Kanye West begs for money

Mr Zuckerberg created his Twitter account in February 2009 and has almost half a million followers, but has only sent 19 tweets – the most recent of those was in January 2012, and all of the rest come from 2009.

It might be that disuse of the account that led Mr Zuckerberg’s account to be targeted. The data in the leak comes from 2012 – the same time as his last tweet – and presumably the password has remained unchanged since then because the account hasn’t been accessed.

Cyber security experts usually advise that people use different passwords across sites – potentially keeping them in a password manager – as well as changing them fairly regularly so that if passwords are stolen they’ll be out of date.

Twitter also uses widely-recommended two-factor authentication technology, which requires that people looking to get access to an account also have access to a registered phone number. But that was added in the time since Mr Zuckerberg's most recent tweet.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in