Hackers have broken into and defaced Mark Zuckerberg's social media accounts.
The attackers, supposedly belonging to a group known as OurMine Team, broke into the Facebook CEO's personal Twitter, LinkedIn and Pinterest accounts (but not Facebook) and posted messages gloating of their success.
OurMine Team claimed that the hack was made possible by last month's vast dump of LinkedIn member details. Usernames and passwords were obtained during a hack in 2012 and subsequently sold on the dark web.
While LinkedIn took steps to invalidate the stolen credentials, it is possible that the hackers used information shared across multiple services - such as Zuckerberg's email address - to gain access to the accounts.
It is also possible that Zuckerberg has committed the cardinal sin of re-using passwords across different sites. This incredibly dangerous practice is one of the most commonly-cited security flaws, and is frequently criticised by security professionals.
Richard Parris, CEO of cyber security firm Intercede, warned that this breach should be very troubling to everyday users. "If Mr Social Media's accounts can be compromised, with all of the knowledge and resources he and his team have available, we should all be taking notice," he said.
He called for companies like Facebook and Twitter to adopt more secure forms of security, such as biometric or two-factor authentication.
"It's been demonstrated time after time that the simple username and password combination is a fundamentally flawed approach to internet security, but that is typically all we are offered to protect our identity and our data."
"It is time the organisations generating significant revenue from consumers stopped playing fast and loose with security and adopted more sophisticated approaches. They are available, they are easy to implement and they offer much higher levels of security. All it takes is a willingness on behalf of services providers to acknowledge that they have a duty of care to the consumers they serve."
