Mark Zuckerberg’s social media accounts have been accessed without his permission or knowledge, it has been revealed.
It was reported by various media outlets that his Twitter, LinkedIn and Pinterest accounts had been breached.
News that his Instagram account was among the networks accessed was denied by a spokesperson at Facebook.
“No Facebook systems or accounts were accessed. The affected accounts have been re-secured.”
“No Facebook systems or accounts were accessed,” the spokesperson told VentureBeat in a statement. “The affected accounts have been re-secured.”
It has also been widely reported that the group behind the breach, dubbed OurMine, found his password as a result of the LinkedIn data breach.
Worryingly, despite being CEO of one of the most successful social networks in the world, his security practices have been called into question.
Mr. Zuckerberg’s LinkedIn password was purportedly “dadada”, which he also used for his Twitter and Pinterest accounts.
This highlights two problems. One, leaving underused or neglected accounts active – the Facebook founder last posted on Twitter in 2012 – and two, using weak passwords across multiple accounts.
“[Mr.] Zuckerberg appears to have the same security weaknesses as the rest of us,” noted Alex Hern, a technology reporter at the Guardian.
“Reusing passwords is a bad idea even if you aren’t a billionaire with a target painted on your back: the only account that should be at risk if LinkedIn gets hacked is a LinkedIn account, not a Pinterest and Twitter account too.”
Most experts advise that unique passphrases be used for all accounts. Note, passphrase and not passwords.
A passphrase is simply a complex phrase that is markedly harder to crack, explained a WeLiveSecurity guide last month.
Also advised is two-factor authentication, which offers a second layer of security to devices and accounts.