Mr. Zuckerberg’s Twitter Inc. and Pinterest Inc. accounts were taken over in recent days because he reused a password: “dadada,” according to a person familiar with the matter. The password had appeared last month in a database of more than 100 million usernames and passwords stolen in 2012 from LinkedIn Corp., the person said. Mr. Zuckerberg appears to have reused “dadada” to log into Twitter and Pinterest, allowing hackers to take over those accounts. We don’t know for sure how OurMine Team pulled off the hacks, but the group is claiming it was all thanks to the LinkedIn password dump from a few weeks ago. Millions of LinkedIn user account details leaked online last month — the company responded by invalidating the credentials and contacting affected members to reset their passwords. But the story doesn’t end there, because, as we all know, many people like to reuse the same password on different online services. The passwords may be several years old, but they can still be useful to hackers, who then use them to try to break into other accounts, hoping that they will stumble on users, like Mr. Zuckerberg, who reuse their passwords.
You have hundreds of millions of keys and you can try them on any major collection of locks you can find,” said Alex Holden, the chief information security officer with Hold Security LLC, a company that investigates data breaches.
No comments:
Write comments