If you think your email password is foolproof, think again: One hacking outfit has shown, yet again, just how easy it is for a stranger to gain access to your account.
Google CEO Sundar Pichai was hacked by a three-man operation called OurMine, which has been hijacking the accounts of major figures like Mark Zuckerberg just to show how simple it is to do so, The Next Web reported. The group said it never changes passwords; its goal is simply to show people that "other hackers can hack them and change everything."
The hackers have been posting messages on the question and answer site Quora through Pichai's account, which is also connected to the Google executive's Twitter feed. As a result, OurMine publicized the hack to Pichai's more than 500,000 followers.
Pichai is not the only major tech executive to be targeted by OurMine; it's also broken into social media accounts belonging to Facebook CEO Mark Zuckerberg and Spotify chief executive Daniel Elk.
It's not clear how OurMine has been gaining access to various accounts; the group says it's using different methods to pull passwords from celebrities' browsers. It's unlikely that their methods involve system breaches of the social networks themselves. It said it managed to break into Pichai's account by exploiting a weakness in Quora's platform, which it has reported to the company.
OurMine is attempting to brand itself as a security firm, offering support to its targets. It advises that Quora users should change their passwords immediately and make sure they're not the same as codes used for other accounts.
What This Means For You
In order to avoid your own accounts being hacked, you'll want to make sure that your passwords have at least eight characters, containing a mixture of upper and lowercase letters, symbols and numbers. The goal is that they can't be easily guessed by others.
An easy way to remember your passwords is to use a "passphrase," starting with a sentence you can remember and then replacing each word of the phrase with a similar initial or symbol. If the password is tough to remember, write a reminder on a piece of paper and put it in a safe location. And of course, make sure you're using distinct passwords for your most important accounts—and that you change them regularly.