OurMine, the three-man "security team" that puts the accounts of prominent tech industry celebrities to the test, has done it again, striking at Twitter's core.
The hacking trio recently targeted Jack Dorsey, the CEO and founder of Twitter, and did nothing less than hack his Twitter account.
The security team usually posts the default message "Hey, it's OurMine, we are testing your security, visit ourmine.org" on its victim's account. Such a message was reported as appearing on Dorsey's Twitter feed at about 2:50 a.m. EST.
The tweet also contained the other signature sign of OurMine, namely an embedded video of their theme song. Despite the fact that the respective tweet disappeared, a lot more poured in.
It looks like Dorsey got full control of his Twitter feed 45 minutes after the hack occurred. However, taking over the Twitter account of the company's founder is something of a defiant action, so the shame remains.
There is a high chance that OurMine did not actually breach the security of Dorsey's Twitter account. It is likely that the group used another social media account, one where Dorsey had a shared password with someone else or an account that had Twitter posting rights. This theory is backed by the fact that Dorsey's post landed through Vine.
The same strategy seems to have been deployed when OurMine broke into the Twitter account of Google's helm, Sundar Pichai. The Google CEO's illegitimate posts came from an old Quora account.
OurMine does mention that it digs and finds its victims' passwords in their browsers, but the group does provide follow-up and offers data protection services to its victims.
This is not the first time when OurMine unveils how careless celebrities are when choosing a weak password. The hacking team recently exposed Mark Zuckerberg's Twitter password, which was an incredibly unsafe "dadada." For what it's worth, OurMine did point out that hacking Zuckerberg's Twitter account was achievable in most part due to the massive leak of LinkedIn passwords in May.
Security experts repeatedly advise internet users to choose strong passwords that contain capital letters, normal characters, numbers and special characters to boost their strength. If you are engaged in many social media accounts, different passwords are a must and a password manager can help you keep track of them. A constant refresh of the passwords is also highly recommended.
We are curious to know about your experience with using passwords: do you follow the recommendations above? Let us know in the comments section below.