Yes, I’m talking about Facebook CEO Mark Zuckerberg, who had his Twitter and Pinterest accounts compromised on Sunday.
The hacker group from Saudi Arabia, dubbed OurMine, claimed responsibility for the hack and guess how the group did it?
The hackers tweeted that they found Zuck’s account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts.
The group, which has more than 40,000 Twitter followers, then successfully broke into Zuck’s Twitter (@finkd) and Pinterest profile and defaced its banners with its logo as well as tweeted out some offensive posts.
Mr. Zuckerberg has not sent a tweet from the account since 2012.
Now, what’s more surprising?
Zuckerberg’s LinkedIn password was “dadada“, which he also used for his other online accounts, the group tweeted.
In tweets now deleted, the group also claimed to have gained accessed to Zuck’s Instagram account, but Facebook confirmed that the group did not access his Instagram account.
“No Facebook systems or accounts were accessed,” a Facebook spokesperson said. “The affected accounts have been re-secured.“
More than 167 Million members’ email and password combinations were hacked during a 2012 LinkedIn data breach and had just been posted online. The passwords were encrypted with the SHA1 algorithm with “no salt” that made it easier for hackers to crack them.
Like other data breaches, I suggest you change your password immediately, especially if you use the same password for other websites.