Facebook’s Twitter account taken over by hacker group OurMine
The tweet read, “Well, even Facebook is hackable but at least their security better than Twitter.”
“Confirming the accounts were hacked through a third-party platform,” a Twitter spokesperson told Digital Trends. “As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners at Facebook to restore them.”
According to the tweet, the third-party platform used may have been Khoros, a social media management site.
We’ve reached out to both Facebook and OurMine for comment and will update this story when we hear back from them.
OurMine, a hacker group made up of five members, primarily focuses on network security. They’ve previously hacked accounts of celebrities, NFL players, and tech CEOs including Twitter’s own Jack Dorsey — whose account was also compromised this past November by a different hacker group.
According to Crunchbase, OurMine sells its services, scanning “the security of social media accounts and websites in exchange for a fee.”
OurMine got its start in 2014 and began to make a name for itself by hacking the social media accounts of tech moguls themselves.
In 2016, Facebook founder Mark Zuckerberg had both his Twitter and Pinterest account hacked by OurMine because he used the same, now infamous, password “dadada,” according to the Wall Street Journal.
The main goal of OurMine is to show users just how easy it is to hack the accounts of even the most prominent public figures. The process is fairly simple, too, according to an interview a hacker gave to The Daily Beast back in 2017.
The group primarily uses LeakedSource’s database of usernames, emails, and passwords, then plugs them in to varies accounts across social media platforms to expose which celebrities don’t have the best sense of network security.
The kind of accounts most vulnerable to hacking tend to be the ones that use the same password across platforms. So in this particular case, it appears the individuals responsible for Facebook’s Twitter account have used a similar password before — and for multiple sites.
Maybe it is time for Facebook to practice what it preaches: Use something “different than the passwords you use to log into other accounts.”