Mark Zuckerberg's Facebook page hacked: 1.8K "Liked This"

An anonymous hacker left Facebook and Mark Zuckerburg red faced after he gained access to the entrepreneurs Facebook profile, but rather than going on a rampage, the hacker took the opportunity to pitch an idea of letting Facebook users invest in the company, rather than the banks.

The message read: "Let the hacking begin: If facebook needs money, instead of going to the banks, why doesn't Facebook let its users invest in Facebook in a social way? Why not transform Facebook into a 'social business' the way Nobel Prize winner Muhammad Yunus described it? What do you think? #hackercup2011".

The page belonging to the 26-year-old Zuckerberg, the Facebook founder who was named Time's Man of the Year in 2010, was hacked some time on Tuesday.


1,803 people liked this.

It is not clear how the break-in occurred, said Graham Cluley, senior technology consultant at the security company Sophos. "Mark Zuckerberg might be wanting to take a close look at his privacy and security settings after this embarrassing breach," he noted. "It's not clear if he was careless with his password, was phished, or sat down in a Starbucks and got sidejacked [had his login details stolen over the air] while using an unencrypted wireless network. But however it happened, it's left egg on his face just when Facebook wants to reassure users that it takes security and privacy seriously. Maybe Mr Zuckerberg would be wise to get a refresher on computer security best practice." Facebook made no comment on how the breach took place, although the risk increases due to the fact that the profile is handled by a number of people within the company, and it's possible details from any one of those people were breached.

It's thought that a $500 million investment made by Goldman Sachs earlier this year has placed the value of the popular site at almost $50 billion and will allow the Wall Street firm to assist Facebook when the time comes for the site to become listed publicly. This is likely what the hacker was referring to when he mentioned "the banks." Perhaps the most ironic of it all is the mention of Facebook's Hacker Cup - described as "an annual worldwide programming competition where hackers compete against each other for fame, fortune, glory and a shot at the coveted Hacker Cup" - which may have unintentionally left them open to the challenge of a high level breach due to the fact they will be hosting the final round at Facebook headquarters on March 11.

French president Nicolas Sarkozy was also hacked just days ago and a message was left suggesting that he was resigning. However, after regaining control of the account, he made it known that he would run for President in the next election.

Image credit: Sophos

Report a problem with article
Previous Story

O2 launches free WiFi service

Next Story

Google talks 2011 plans, "not happy" with low Android app purchase rates

41 Comments

Commenting is disabled on this article.

I find this extremely funny. Zuckerberg got what he deserved... wonder how he enjoys having his private information leaked. Seeing that he doesn't care about anyone else.

Personally I never will obtain a Facebook page.

its not exactly hard to get a password. Simply click forgot password, and choose one of the options. There was one time when they showed pictures of people and you had to guess the correct name. I did thin until i finally guessed and thats it. and btw the names were a multiple choice so there wasnt a big choice

The hacking is by the by. The real uncomfortable message is.......Why not transform Facebook into a 'social business'? This must be a terrifying concept to the likes of Goldman Sachs!

For ref the url in the status update points to the Wikipedia entry for 'Social Business'....for those too lazy to type it

"Mark Zuckerberg might be wanting to take a close look at his privacy and security settings after this embarrassing breach," he noted.

Everytime I take a look at the privacy settings page my head starts spinning over all the options. I wouldn't be surprised if Mark Zuckerberg felt the same way...

Intrinsica said,

Everytime I take a look at the privacy settings page my head starts spinning over all the options. I wouldn't be surprised if Mark Zuckerberg felt the same way...
Seriously? They're very simple.

Mike Brown said,
Seriously? They're very simple.

I disagree. I think they're totally confusing and even if you set things to "shared with nobody" on the main privacy control panel it still doesn't close off some of the obscure settings.

ILikeTobacco said,
If they are so simple, where is the don't share anything option?
Custom > Only Me, but I'm not sure why you wouldn't want to share anything.

Mike Brown said,
Seriously? They're very simple.
I might have been slightly exaggerating for comedic purposes, however when you compare how the security settings were before to how they are these days, you can't help but wonder if there is such a need for the ability to tweak all those different options.

Mike Brown said,
Custom > Only Me, but I'm not sure why you wouldn't want to share anything.

Even with that set, wait two weeks and check it again and it will have magically changed back to sharing with people. Facebook privacy settings require the user to do a routine maintenance every couple weeks to make sure they didn't revert back to sharing on them. The reason for switching to that is to "kill" your Facebook without deactivating it allowing you to read other peoples stuff without really using the site anymore yourself. Back when I used MySpace, I use to delete my account, only to recreate it in order to view pictures from friends or something.

ILikeTobacco said,

If they are so simple, where is the don't share anything option?

It's called deactivate your account. If you don't want to share anything, then why join a SOCIAL network?

ILikeTobacco said,

If they are so simple, where is the don't share anything option?

If you don't want to share anything, close your Facebook account and hide in a hole.

Artillery said,

If you don't want to share anything, close your Facebook account and hide in a hole.


Artillery said,

It's called deactivate your account. If you don't want to share anything, then why join a SOCIAL network?

Keep up with the convo. I already explained this.

ILikeTobacco said,

Even with that set, wait two weeks and check it again and it will have magically changed back to sharing with people.


It has never changed like that here.

ILikeTobacco said,

Even with that set, wait two weeks and check it again and it will have magically changed back to sharing with people. Facebook privacy settings require the user to do a routine maintenance every couple weeks to make sure they didn't revert back to sharing on them. The reason for switching to that is to "kill" your Facebook without deactivating it allowing you to read other peoples stuff without really using the site anymore yourself. Back when I used MySpace, I use to delete my account, only to recreate it in order to view pictures from friends or something.


They never magically change back. You are completely wrong. You only need to change them once unless they change the privacy settings page, which doesn't happen often. They sometimes add new privacy options to accomodate new features, but they don't change existing settings unless there is an overhaul of the page.

Callum said,

They never magically change back. You are completely wrong. You only need to change them once unless they change the privacy settings page, which doesn't happen often. They sometimes add new privacy options to accomodate new features, but they don't change existing settings unless there is an overhaul of the page.

If you really believe that then you haven't been paying attention to tech news lately. In the past few months they have changed the settings multiple times and every time they do, everything goes back to the default settings which shares most of your info. Just recently they even added one without telling you on facebook that allows 3rd party sites to access your personal info, even if you have everything hidden.

ILikeTobacco said,

If they are so simple, where is the don't share anything option?

LOL! don't share anything?!?! why are you on facebook!!! hahaha

ILikeTobacco said,

If you really believe that then you haven't been paying attention to tech news lately. In the past few months they have changed the settings multiple times and every time they do, everything goes back to the default settings which shares most of your info. Just recently they even added one without telling you on facebook that allows 3rd party sites to access your personal info, even if you have everything hidden.


Last time they overhauled the privacy settings none of my settings changed to show information to everyone; all of the settings that could be maintained were and the new settings were configured as to how Facebook thought I might prefer (hardly anything showing to everyone). The news articles you are reading must be incorrect. You would also be wise to not listen to everything news websites tell you. The fact many news websites caused panic over Facebook allowing developers to access people's address and phone numbers proves this; there is no reason to panic about that because users still have to allow the application to access that information after being displayed a clear warning about it.

The feature you are referring to, which you say "allows 3rd party sites to access your personal info, even if you have everything hidden," is Instant Personalisation. When Facebook released this, they didn't make it very clear they had and did enable it for users by default--that, I admit, was wrong; however, they have since made it more obvious to users by displaying a notice atop their News Feeds and they may have even started disabling it by default for users who did not change it.

Edited by Calum, Jan 26 2011, 7:36pm :

Elessar said,
In all honesty, with the power of graphics cards, can't ANY password be brute-forced ?

That is, if the hash being stored in the database is relatively weak, and, most importantly..available to you. Neither of which it isn't, when it comes to Facebook.
So you're stuck with trying passwords over the Internet, one by one, no GPU involved... until you bump into the unsuccessful login attempts threshold and get ignored :-)

Elessar said,
In all honesty, with the power of graphics cards, can't ANY password be brute-forced ?

No, at least not if they used AES. AES-256 is too strong for this even if doing it all on a local machine, so you'd need a bad password and a dictionary attack for that. Or some security hole...