For a short time on Sunday 5 June, the Twitter and Pinterest accounts of Mark Zuckerberg became 'compromised'.
A hacker group by the name of OurMine had apparently gained control of the Facebook CEO's social media accounts, posting a Tweet reading "Hey we got access to your Twitter & Instagram & Pinterest, we are just testing your security, please direct message us."
What clever ploy had the hackers used to gain access to the accounts of one of world's most powerful businessmen? An ingenious piece of coding? A virus that had stolen his log in details?
Nope. They discovered that Zuckerberg was reusing an old password for each of his accounts - a password they had obtained in the recent dump of hacked LinkedIn account details. Rather than use separate passwords for each of his accounts, Zuckerberg was still using the same string of letters for his Twitter and Pinterest accounts.
The password in question?
We've got no idea what it relates to either. Maybe Zuckerberg was previously part of a barbershop quartet?
A Facebook spokesman told Reuters that the affected accounts had "re-secured using best practices", adding that "no Facebook systems or accounts were accessed" - hinting that his Instagram account hadn't been messed around with.
The whole episode serves as a pertinent reminder that no one is safe from hacks - even if you run one of the biggest websites in the world.
If you use the same password for multiple accounts, you're leaving yourself open to this sort of 'hack': while many services you use might be secured with two step authentication and the like, all it takes is for one website - like an old photo editing service you used in 2010 or local cinema log in - to be targeted in a data leak and a curious hacker could use your email and password to try accessing a bunch of other websites.