Yahoo and Twitter CEOs Have Their Twitter Accounts Compromised 43
The man who sent Twitter's very first public tweet now also becomes the first Twitter CEO to have his own Twitter account compromised. An anonymous reader quotes a report from Digital Trends about this weekend's wave of high-profile attacks:
At 2:50 a.m. ET, a tweet reading, "Hey, its OurMine, we are testing your security" and linking to the group's website was briefly posted, and while it was soon deleted, identical tweets continued to appear... The group has previously taken over other social media accounts, including Google's Sundar Pichai's Quora account, and Mark Zuckerberg's Instagram, LinkedIn, Pinterest, and Twitter accounts...
Dorsey also wasn't the only tech heavy hitter whose Twitter account was breached during that 24-hour period. Yahoo CEO Marissa Mayer and venture capitalist Vinod Khosla also saw breaches to their accounts, both of which were attributed to OurMine.
The Tweets may have come from Vine, according to Digital Trends, "which suggests that Dorsey was either using an old or shared password on the video network, or had otherwise connected his account to a compromised service...it's certainly alarming that a man who ostensibly is more aware than most of security protocols (especially on Twitter) fell victim to such an attack..."
Dorsey also wasn't the only tech heavy hitter whose Twitter account was breached during that 24-hour period. Yahoo CEO Marissa Mayer and venture capitalist Vinod Khosla also saw breaches to their accounts, both of which were attributed to OurMine.
The Tweets may have come from Vine, according to Digital Trends, "which suggests that Dorsey was either using an old or shared password on the video network, or had otherwise connected his account to a compromised service...it's certainly alarming that a man who ostensibly is more aware than most of security protocols (especially on Twitter) fell victim to such an attack..."
Re: In other news (Score:1)
It's a bright day for lossless audio!
Re: (Score:2)
That's ALAC, or FLAC. AAC isn't lossless.
Claiming... (Score:4, Funny)
Claiming you are testing security by breaking into companies' networks to advertise your product is not a great idea.
Re: (Score:2)
Indeed. It is however something people with big egos, high intelligence and absolutely no wisdom whatsoever try time and again.
Re: (Score:2)
Well, the "high intelligence" part here is somewhat variable.
Brands get hacked because Twitter can't TOTP/U2F (Score:1)
If only Twitter supported 2-factor authentication methods other than SMS to a unique phone number [jessysaurusrex.com]...
Re: (Score:2)
even google doesn't let you use google authenticator without activating your phone number first.
Re: (Score:2)
The differences between the two are that Google is more likely to allow landlines, and Google is more likely to allow authentication on multiple accounts per phone number.
Re: (Score:2)
But i don't want either one to have my number. And for non-us citizens google voice is no option either ...
I hope it's a social engineering service hack (Score:2, Insightful)
The CSRs are really the weak link for so many of these hacks. All of the two factor and out of band authentication in the world can't help you if the level 1 phone support just hands your account over to anybody who can do some basic research.
Re: (Score:2)
Very much so. I lost some passwords some time ago (dead disk and I had not included these in the backups by accident) and was very surprised how easy it was to get my accesses back.
Re: (Score:3)
A CEO? Yeah? Whatcherpoint? :) (Score:2)
Why would anyone expect a CEO—even of a tech company—to have any idea about computer security? That's like expecting a POTUS to have a deep knowledge of battlefield strategy, simply because they're Commander-in-Chief of the US Armed Forces.
Re: (Score:2)
Why would anyone expect a CEOâ"even of a tech companyâ"to have any idea about computer security? That's like expecting a POTUS to have a deep knowledge of battlefield strategy, simply because they're Commander-in-Chief of the US Armed Forces.
I fully expect both to have a high level knowledge of both...
That goes double and triple for a POTUS... But perhaps that is why I'm not POTUS, because if I was, I'd want to learn it... at least well enough to know that my Generals know what the hell they are talking about (usually).
History is filled with idiots (Hitler) who thought their "gut instinct" was a suitable replacement for generalship... it isn't...
Stalin was the same way, but he bought a clue and finally backed off and let Generals like Georgy
Re: (Score:2)
Stalin was smart--he let the generals win the war first, *then* had them shot.
Re: (Score:2)
Stalin was smart--he let the generals win the war first, *then* had them shot.
Would that be why he had the massive purges in the 1930s which gutted the Red Army, then he demanded no retreat in 1941 leading to some of the largest military defeats in history? In the fall of 1941, about 600,000 Red Army soldiers were lost around Kiev alone, which Hitler called "the greatest battle in history".
For a short period of time after that, the Red Army no longer numbered the Germans, and there were no more reserves.
Stalin came close to losing it all, but then he started to listen to his general
hello (Score:3)
Hey, its OurMine, we are testing your security
Re: (Score:2)
I thought 12345 was safe enough.
Re: OurMine is just another name for Anonymous (Score:1)
Dude, you HAVE to stop listening to Alex Jones.