Good Internet practices apply to everyone, even the greatest leaders.Choose a complex password, do not use it for multiple accounts, change it regularly; this advice is often repeated but not often followed. Take Mark Zuckerberg’s recent mishap: on Sunday, June 5, the hacker group called “OurMine” managed to deface the Twitter and Pinterest accounts of Facebook’s leader.
The group suggested that it could have had access to Mark Zuckerberg’s accounts thanks to the recent data leak of the LinkedIn site. The head of Facebook had indeed used the same password (“dadada”) to log in on Twitter and Pinterest but also on LinkedIn. Therefore, when the 167 million LinkedIn passwords were leaked, the hackers found Mark Zuckerberg’s password and were able to test it successfully on his other social networks. The group OurMine also posted a message to that effect on the Facebook CEO’s Twitter account during the attack:
Mark Zuckerberg’s Twitter account after the takeover by hackers
Mark Zuckerberg’s Pinterest account after the takeover by hackers
However, contrary to what the hackers had originally announced, Mark Zuckerberg’s Instagram account was not hacked. Facebook also indicated very quickly that the accounts of its leader had since been re-secured and no Facebook account had been compromised in the attack. It should also be noted that the Facebook CEO had no longer been using his Twitter account since 2012 and that his Pinterest account was virtually unused.
However, according to The Guardian, other leaders or personalities may be hacked. Indeed, it is likely that the usernames and passwords revealed by the LinkedIn and MySpace links have still not been modified by some users.
In the context of such significant data leaks, we must remember that the first step to take is to not only change the password of the service experiencing the data leak, but also those of all services using the same password. Ideally, every user should use one unique password for each site and possibly use a password manager.