Posted in Shoddy Security

Another high-profile YouTube account hacked

First it was the Sesame Street YouTube account. Now it’s Microsoft’s:

Microsoft’s official YouTube channel appears to have been taken over by someone not affiliated with the company, who has removed all of the videos and posted solicitations for sponsorships, apparently anticipating an influx of traffic as the news spreads.

I subscribe to the company’s YouTube updates and received notification this morning of two new uploads by the company, both of them rudimentary videos apparently soliciting advertisements for the channel. Since then a third video has been uploaded, along the same lines.

A YouTube account is, of course, a Google account – meaning that someone who signs up for YouTube isn’t just creating an identity on YouTube; they’re creating an identity that can be used with other Google offerings, such as Gmail, Blogger, Picasa, or Google Maps. The list goes on… and on… and on…

Who knows what else the hackers compromised that was in that Google account?

This is why it’s a bad idea to do business the Google way. Google’s account security sucks, as demonstrated by these recent break-ins.

When you trust one company to handle your emails, chat, videos, documents, pictures, credit card data, and other sensitive information, you’re asking for trouble. A lot of trouble.