GET THE FREE NATIONAL CYBER SECURITY APP FOR YOUR PHONE AND TABLET
Niantic Labs CEO John Hanke has been extremely busy after launching Pokémon GO. Since creating what has become the world’s most popular mobile game, he’s dealt with server outages, rogue apps that violated the game’s terms of service and the constant bombardment of messages from fans.
On Sunday, he had another crisis to deal with it: He was hacked.
A hacker community known as OurMine gained access to Hanke’s Twitter and Quora accounts, and began posting messages on those networks under his name. A member who claimed to be part of that hack contacted FORBES and said that the group also had access to Hanke’s Foursquare and private Facebook FB -0.83% accounts after using a brute force tool to guess his passwords. (FORBES communicated with that member through direct messages on Twitter after they were able to verify themselves via a message sent through the group’s contact page.)
“We have 2 reasons,” the hacker wrote. “1 – we are testing his security 2 -for brazil & argentina & chile [sic].”
A spokesperson for Niantic did not respond to messages requesting comment.
OurMine has gained notoriety for hacking into the social media accounts of various technology executives, among them Google GOOGL +3.43% CEO Sundar Pichai, Twitter and Square CEO Jack Dorsey and Facebook CEO Mark Zuckerberg. The group also claimed credit for a distributed denial of service (DDoS) attack on Pokémon GO’s servers earlier in the month.
The hacker, who refused to give his name or location, said they do not play the game, but noted that many people had requested that the group attack Hanke’s accounts. “We are just trying to tell everyone that nobody is safe,” they said, before reminding people to use two-factor authentication and to change their passwords every two to three weeks. The hacker also said that the DDoS attack was meant to “show them how to protect their servers.”
Pokémon GO has not launched in Brazil, Argentina or Chile. When asked if their hack would move game’s arrival forward in those countries, the hacker simply responded with “maybe.”
They noted that they have yet to post anything on Hanke’s Facebook because it had less than a thousand followers. “When we check someone [sic] security, we should scan all of his accounts,” the hacker wrote. “But we didn’t do anything with it. We never change passwords.”
The hacker confirmed that the attack was not due to any changes in the gameplay or the fact that Niantic decided to cut off access for popular apps and sites that helped players locate the virtual creatures on maps