There are several lessons to be learned from a data breach in which hackers gained access to Mark Zuckerberg's social media accounts, but chief among them is probably this: Quit using the same password for multiple websites.
In a statement released Monday, LinkedIn said that it had found and removed a fake profile that had been created of Zuckerberg.
"We were alerted of this takeover attempt and have taken action to remove the false profile on LinkedIn," the statement read.
It may be annoying and time consuming to use a different password for each online account, but following this simple rule can help you avoid the public account takeover that befell Zuckerberg, the billionaire owner of Facebook and Instagram.
A collective that calls itself OurMine boasted that it had broken into a handful of his social media accounts, including LinkedIn, Twitter and Pinterest. Screengrabs posted by Engadget showed the hackers notifying Zuckerberg of the breach using his own Twitter account. Bold move.
"We are just testing your security," the tweet read.
LinkedIn declined to address whether the hack was the result of a larger data breach in 2012 that compromised more than 100 million accounts. The company has taken steps to invalidate passwords from older accounts, but the breach against Zuckerberg shows that some accounts, especially those that are old or dormant, remain at risk.
In a statement emailed by a spokesman Monday, Facebook said Zuckerberg's Facebook and Instagram accounts had not been breached.
Facebook's security systems are now designed to thwart suspicious logins, but Zuckerberg's account has not always been immune to breaches: In 2013, a blogger hacked the executive's page to exploit what he said was a security flaw on the social network.
So is your account safe?
You should check to see if your email account has been compromised. The website Have I Been Pwned? (haveibeenpwned.com) provides a useful service: Plug in your email address, and the website will reveal if your data has been leaked or manipulated by hackers.
If your account has been compromised, change your password. Again, using the same password for multiple accounts is a cardinal sin in the security world, so make sure you mix it up, even with accounts you rarely use.
Graham Cluley, an online security expert and consultant, said that using the same passwords was a likely reason for the Zuckerberg hack. (According to the website the Hacker News, OurMine tweeted that Zuckerberg's password was "dadada," and was used across multiple accounts. OurMine's Twitter account has since been suspended.)
"It shows it can happen to anyone — even geeks," Cluley said.
Cluley also suggests obtaining a password manager, like LastPass, to keep track of your login information. He also said that wherever possible, you should enroll in two-step verification, which sends an authorization code to the user's phone before the account can be opened. Most social platforms vulnerable to hacking, including LinkedIn, Twitter and Gmail, offer it.