Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Twitter Facebook Google Security Social Networks Yahoo!

Yahoo and Twitter CEOs Have Their Twitter Accounts Compromised 43

The man who sent Twitter's very first public tweet now also becomes the first Twitter CEO to have his own Twitter account compromised. An anonymous reader quotes a report from Digital Trends about this weekend's wave of high-profile attacks: At 2:50 a.m. ET, a tweet reading, "Hey, its OurMine, we are testing your security" and linking to the group's website was briefly posted, and while it was soon deleted, identical tweets continued to appear... The group has previously taken over other social media accounts, including Google's Sundar Pichai's Quora account, and Mark Zuckerberg's Instagram, LinkedIn, Pinterest, and Twitter accounts...

Dorsey also wasn't the only tech heavy hitter whose Twitter account was breached during that 24-hour period. Yahoo CEO Marissa Mayer and venture capitalist Vinod Khosla also saw breaches to their accounts, both of which were attributed to OurMine.

The Tweets may have come from Vine, according to Digital Trends, "which suggests that Dorsey was either using an old or shared password on the video network, or had otherwise connected his account to a compromised service...it's certainly alarming that a man who ostensibly is more aware than most of security protocols (especially on Twitter) fell victim to such an attack..."
This discussion has been archived. No new comments can be posted.

Yahoo and Twitter CEOs Have Their Twitter Accounts Compromised

Comments Filter:
  • Claiming... (Score:4, Funny)

    by SeattleLawGuy ( 4561077 ) on Saturday July 09, 2016 @08:46PM (#52480749)

    Claiming you are testing security by breaking into companies' networks to advertise your product is not a great idea.

    • by gweihir ( 88907 )

      Indeed. It is however something people with big egos, high intelligence and absolutely no wisdom whatsoever try time and again.

  • If only Twitter supported 2-factor authentication methods other than SMS to a unique phone number [jessysaurusrex.com]...

    • by allo ( 1728082 )

      even google doesn't let you use google authenticator without activating your phone number first.

      • by tepples ( 727027 )

        The differences between the two are that Google is more likely to allow landlines, and Google is more likely to allow authentication on multiple accounts per phone number.

        • by allo ( 1728082 )

          But i don't want either one to have my number. And for non-us citizens google voice is no option either ...

  • It would be hilarious if they called support claiming to be Jack Dorsey and got the CSR to reset the password.

    The CSRs are really the weak link for so many of these hacks. All of the two factor and out of band authentication in the world can't help you if the level 1 phone support just hands your account over to anybody who can do some basic research.
    • by gweihir ( 88907 )

      Very much so. I lost some passwords some time ago (dead disk and I had not included these in the backups by accident) and was very surprised how easy it was to get my accesses back.

    • by wbr1 ( 2538558 )
      Some of the more recent hacks are CSRs but not for twitter or the hacked account location. Thy have been performed by social engineering the account holders cellphone provider. Then you can get a sim with their number. Once that is done anything with 2 factor on that phone is gone. Also if that phone is used for password recovery of any accounts they are done for.
  • Why would anyone expect a CEO—even of a tech company—to have any idea about computer security? That's like expecting a POTUS to have a deep knowledge of battlefield strategy, simply because they're Commander-in-Chief of the US Armed Forces.

    • Why would anyone expect a CEOâ"even of a tech companyâ"to have any idea about computer security? That's like expecting a POTUS to have a deep knowledge of battlefield strategy, simply because they're Commander-in-Chief of the US Armed Forces.

      I fully expect both to have a high level knowledge of both...

      That goes double and triple for a POTUS... But perhaps that is why I'm not POTUS, because if I was, I'd want to learn it... at least well enough to know that my Generals know what the hell they are talking about (usually).

      History is filled with idiots (Hitler) who thought their "gut instinct" was a suitable replacement for generalship... it isn't...

      Stalin was the same way, but he bought a clue and finally backed off and let Generals like Georgy

      • Stalin was smart--he let the generals win the war first, *then* had them shot.

        • Stalin was smart--he let the generals win the war first, *then* had them shot.

          Would that be why he had the massive purges in the 1930s which gutted the Red Army, then he demanded no retreat in 1941 leading to some of the largest military defeats in history? In the fall of 1941, about 600,000 Red Army soldiers were lost around Kiev alone, which Hitler called "the greatest battle in history".

          For a short period of time after that, the Red Army no longer numbered the Germans, and there were no more reserves.

          Stalin came close to losing it all, but then he started to listen to his general

  • by marcello_dl ( 667940 ) on Sunday July 10, 2016 @12:38AM (#52481441) Homepage Journal

    Hey, its OurMine, we are testing your security

"The pathology is to want control, not that you ever get it, because of course you never do." -- Gregory Bateson

Working...