The hacking group OurMine has been hacking high profile accounts these days. As reported on this blog, a few days ago the Quora account of Google CEO Sunar Pichai was hacked and through it they could also access his Twitter account. Mark Zuckerberg’s Twitter account was also hacked. And now, Twitter CEO Jack Dorsey’s account has also been hacked, as reported here.
This time the OurMine hacking group used one of Dorsey’s old Vine accounts to get access into his Twitter account. He must have used a shared account with his Vine account. We all, in a hurry to log into another service use our more convenient credentials from Google or Twitter or Facebook, all the time and again people have advised not to do so.
Fortunately, OurMine is not a malicious hacking group. Its group members hack into people’s accounts to expose the vulnerabilities that exist and can be used by more malicious individuals and organisations.
The recurring problem seems to be using a common credential across multiple services. For example, if you are using the same username and password for different services and if one of those services is hacked, the username and password of all the services that are using the same username and password also become available to the hackers.
Although if someone wants to hack one of your accounts and if he or she has the ability and the resources there is very little you can do, but in order to make things as difficult as possible for the prospective hacker, use different passwords for different services. Until you become the target spending extra time on creating unique passwords may seem like a waste of time, but its value is only realized when something devastating happens.
And creating individual passwords for different services isn’t as difficult as it seems, especially when you use services like LastPass. Here is a quick review of LastPass.