Computerworld.com is reporting that a hacker was able to gain access to a Twitter employee’s documents after hacking the employee’s email account. Many confidential company documents were leaked. It seems if you post enough personal information on the Web – via social networking sites, for example – the bad guys can then pose as you asking for a new password. By learning about you online – your pet’s name, where you’re from, etc. – they can then guess the correct answers to your reset password security questions and gain access to your email. This is how Governor Sarah Palin’s Yahoo email account was breached during the campaign in 2008.
What’s the lesson? Create tougher passwords. Stop being so lazy – have a different password for all your accounts. Change it occasionally. And if you can’t remember passwords, use a product like Roboform to generate and store passwords for you.