Pesky hackers are at it again, and this time the target is the NFL. OurMine, the hacking group which has repeatedly targeted high-profile Twitter accounts, found itself in control of @NFL today, and took the opportunity to try to gain some clientele. The group, which also hacked Netflix today, posted the “we are just testing your security” notice that it always does, while offering to help the NFL shore up its cyber defenses.
OurMine, which also hacked the official Marvel account on Twitter today, bringing the day’s successful attacks up to three, told CNET that it doesn’t know who its next target will be. The group also explained that Twitter seems to know that something strange is happening to each of the accounts it breaches, as each profile gets a notification that “unusual activity” was detected whenever OurMine manages to get access.
This new wave of attacks from OurMine is yet another reminder of how poorly some companies manage their social media security.
As we noted just hours ago during the Netflix brouhaha, OurMine’s tactics for access each new account remain unknown. The group has been accused of using passwords from data dumps available around the web, but while that might make sense in the case of a specific individual, it doesn’t explain how company profiles on Twitter are falling victim just the same.
It’s hard to imagine the NFL or Netflix using the same email address and password for multiple accounts in the way that an individual may be prone to, but that may very well be what is happening. Neither Twitter nor the NFL have publicly addressed the situation.