The notorious hacking trio, OurMine responsible for hacking Mark Zuckerberg’s Pinterest, Twitter and LinkedIn accounts has a new victim -- Sundar Pichai. According to a report on the The Next Web, the team hacked into Sundar Pichai’s Quora account and posted updates on the Google CEO’s Twitter account.
OurMine managed to perform the feat by leveraging a vulnerability in Quora’s platform. Earlier, the group has been in news for hacking Twitter co-founder Evan Williams’s account and using malware to collect more than 32 million Twitter login credentials. According to the report on technology website Techcrunch.com, these credentials were being sold on the dark web.
“LeakedSource, a site with a search engine of leaked login credentials, said in a blog post that it received a copy of the user information from ‘Tessa88@exploit.im’ -- the same alias used by the person who gave it hacked data from Russian social network VK last week,” the report noted.
LeakedSource said the cache of Twitter data contains 32,888,300 records, including email addresses, usernames and passwords. LeakedSource has added the information to its search engine.
LeakedSource noted that “the user credentials were collected by malware infecting browsers like Firefox or Chrome rather than stolen directly from Twitter”.
At the same time, Twitter said that its systems have not been breached.
The group by the name of OurMine -- the same group that claimed credit for compromising Facebook chief Mark Zuckerberg’s Twitter and Pinterest accounts on Monday -- took credit for hacking Williams’ account in a tweet on Wednesday, which was deleted minutes later.
“A number of other online services have seen millions of passwords stolen in the past several weeks. We recommend people use a unique, strong password for Twitter,” the company was quoted as saying.
This hack added another name in the list of high-profile people whose accounts have been compromised recently. Singers Drake and Lana Del Rey and professional American football league NFL have all been hit in recent days.
Hit by a massive data breach that put nearly 167 million users’ passwords and personal information in the hands of hackers four years back, LinkedIn came out with an explanation and steps it has taken to protect users.
In an email sent out to all its members, LinkedIn admitted that the massive data breach in 2012 may result in millions of passwords being leaked to the internet.
“On May 17, 2016, we became aware that data stolen from LinkedIn in 2012 was being made available online. This was not a new security breach or hack. We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk,” LinkedIn said.
“These were accounts created prior to the 2012 breach that had not reset their passwords since that breach,” the email read.
The data breach involved member email addresses, hashed passwords, and LinkedIn member IDs (an internal identifier LinkedIn assigns to each member profile) from 2012.
With inputs from IANS