Account takeover can happen to the best of us. Even the savviest users can fall prey. In typical cases of account takeover (ATO), fraudsters take advantage of data breaches or use phishing and malware scams to steal their victims’ passwords. Scammers then use these passwords to make fraudulent transactions or log into a user’s social media accounts and wreak havoc.
Nearly half (48%) of businesses saw a rise in ATO last year – and losses reached $2.3 billion – making it one of the fastest-growing types of fraud out there. Although not every attack makes headlines, it definitely does when a celebrity is involved. A group of hackers called OurMine made the news last year when they targeted Facebook CEO Mark Zuckerberg’s Twitter and Pinterest accounts (his password was “dadada”). But Zuckerberg isn’t the only celebrity victim of ATO in recent memory…
1. Katy Perry
Katy Perry might have the most Twitter followers on the internet (89 million and counting!), but even she isn’t immune to ATO. In May 2016, a Romanian hacker with the eye of the tiger hijacked Perry’s Twitter handle, @katyperry. After leaking an unreleased song, the scammer flooded Perry’s feed with racial slurs, emojis, and gibberish. He also jumped at the opportunity to tweet at Taylor Swift, who didn’t reply.
2. Evan Williams
Not long after striking Zuckerberg’s account, OurMine went after another prominent member of the tech community: Evan Williams, co-founder of Twitter. The hackers guessed the password for his Foursquare account and tried it on his Twitter. Once they’d accessed Williams’s Twitter account, the hackers posted a brief message: “Hey, it’s OurMine team, we are just testing your security, please send us a message.” As far as we know, Williams did not comply with their request.
Just a month after Katy Perry’s Twitter takeover, Drake suffered a similar fate. Fans were alarmed to see that the singer had spent the better part of a Monday morning posting some unusual Tweets. As the messages grew more cryptic, it became clear that Drake had suffered an ATO. The hacker used Drake’s Twitter to add some bling to their own hotline, plugging their personal Twitter and Snapchat accounts.
4. Brendan Iribe
Last June, Brendan Iribe awoke to find that there was a new Oculus CEO in town…according to his Twitter account, at least. Someone tweeted to his 16,000 followers that Iribe had been replaced. Iribe, who is spearheading Facebook’s virtual reality headset, had been a victim of an ATO. Though the hacker didn’t compromise any of Iribe’s personal information, he did spend a few hours flooding the CEO’s Twitter feed with embarrassing posts. According to the hacker, Iribe hadn’t changed his passwords in over four years.
5. Kylie Jenner
June was a busy month for hackers. Following Drake and Brendan Iribe, Kylie Jenner also fell prey to an ATO. The social media star kicked back and watched as a hacker bombarded her Twitter feed with lewd, racist posts. Jenner responded with consummate ambivalence, Snapchatting her followers that she “didn’t care” and was letting the troll “have fun” with her account. But Jenner hasn’t been hacked since, so perhaps she was less ambivalent behind the scenes and changed her social media passwords.
So maybe most of your users aren’t celebrities, but it’s still imperative to protect their accounts. Want to know how you can safeguard your business in time for the next big data breach? Download our free e-book for a complete guide to protecting your users’ accounts, your brand, and your bottom line.