A hacker group has briefly overtaken the Quora account of Google CEO Sundar Pichai, which also enabled them to post on his Twitter.
“We are just testing your security,” the hackers tweeted from Pichai’s account, pointing to a post on Quora they’ve created. Both accounts have since been restored to normal, but The Next Web managed to obtain a screenshot.
Quora is a Q&A community launched in 2010; according to this Quora post by the site’s co-founder Adam D’Angelo, it had around 100 million monthly unique visitors as of March 2016.
The hacker group, OurMine, appears to be the same one who recently took control of Mark Zuckerberg’s Twitter and Pinterest accounts. But while Zuckerberg’s credentials were apparently found in the recent LinkedIn password dump, the method of hacking Pichai’s Quora account was different. In a response to The Next Web, the hackers said they’ve actually exploited a vulnerability in Quora’s platform — one that Quora hasn’t yet fixed.
We’ve contacted Quora about these claims, but have not yet heard from them. As a precaution, we recommend you change your Quora password, disconnect your account from any other services it might be connected to (such as Facebook and Twitter), and make sure you don’t use it on any other online services.
OurMine, which has an official website that positions the group as a security firm, also said they never change people’s passwords, and that all they’re doing is “testing” people’s security. While their methods are shady to say they least, they’ve definitely been successful in taking control of some high profile social accounts, their recent targets including Twitter co-founder Evan Williams as well as musicians Deadmau5 and David Guetta.