A hacker or hacking group going by the name of “OurMine Team” briefly took control of Facebook chief Mark Zuckerberg’s Twitter and Pinterest accounts, apparently using information from a major LinkedIn security breech that occurred in 2012.According to OurMine Team, the passwords to Zuckerberg’s little-used Pinterest and totally dormant Twitter accounts were apparently the same as those for his LinkedIn login (“dadada”).
Both Twitter and Pinterest rapidly restored control of the accounts over the weekend, and the rogue posts have now been removed—though not before they were screencapped:
Ouch. Mark Zuckerberg’s social media accounts have been hacked pic.twitter.com/KvVmXOIg5s
— Ben Hall (@Ben_Hall) June 5, 2016
LinkedIn’s 2012 breach was significant and embarrassing for the company, and resulted in the theft of millions of passwords and other user information. Users were warned at the time to change their LinkedIn passwords, and those on any other platform on which they were reused.
This is clearly evergreen advice, as it isn’t hard for a determined hacker to cross-reference someone’s username and password information with other sites.
There’s no evidence of any widespread damage stemming from the Zuckerberg account compromoise—not least because Zuckerberg seemingly hasn’t tweeted since 2012. OurMine took the opportunity to tweet “you were in Linkedin Database… DM for proof.”
Over on Zuckerberg’s Pinterest account, the name was changed to read: “Hacked By OurMine Team.”
OurMine claimed that it had also accessed Zuckerberg’s Instagram account.
Facebook, which owns the popular photo-sharing site, denied Zuckerberg’s Instagram account had been compromised, telling VentureBeat: “No Facebook systems or accounts were accessed.
The affected accounts have been re-secured.”
Ars has sought comment from Facebook and will update if we hear back.
This post originated on Ars Technica UK