Twitter CEO Jack Dorsey's account hacked

The publicity-hungry hackers posted their standard message – that they were “testing your security” – along with the last video they posted.

As with every previous hack carried out by OurMine, Twitter itself was not the source of the compromise. This time, the hackers appeared to have gained access to Vine, and used their access there to post to the main feed. Previous weak links used by the group have included Bitly and Quora.

Of course, this time is slightly more embarrassing, given that Twitter also owns Vine. Many Vine users log in through Twitter, which allows them to protect their accounts using the app’s two-factor authentication, but older Vine users may also have a separate username and password. This could be how Dorsey’s account was compromised.

Twitter said: “We don’t comment on individual accounts for privacy and security reasons.” The company pointed the Guardian to a post from June this year on how to secure your account, but didn’t say whether the problem was Dorsey failing to follow his own company’s advice, or the advice not being enough to actually secure your account.

What OurMine’s hacks lack in technical skill, they make up for in persistence, and they underscore that in technology’s connected ecosystem, any weak link can be enough to lead to an embarrassing breach.

To protect themselves against similar hacks, users should ensure that not only are their social media accounts locked down, with two-factor authentication and secure passwords, but that so too is every other account that can post to their main feed. That includes Quora, Bitly and Vine, as well as many more. Dorsey won’t be the last hit by OurMine, but it’s hard to think of someone who would be more embarrassed.