OurMine

OurMine operates as a hacker collective that carries out unauthorized intrusions, website defacements and distributed denial‑of‑service attacks. The group gains entry to target systems by exploiting reused or outdated credentials, often leveraging third‑party management tools such as Khoros to access social‑media accounts. Once inside, they post unauthorized messages, alter webpages or flood servers with traffic to disrupt service. Their activities are directed at high‑profile profiles on platforms like Twitter, Facebook Messenger and at the online properties of media organizations and technology firms. OurMine typically announces responsibility for each operation through the defaced content or public statements.

What distinguishes OurMine from other threat actors is its consistent focus on credential‑reuse exploitation as a primary attack vector, a technique that has allowed it to compromise accounts belonging to CEOs of major tech companies and to entertainment‑news outlets such as HBO, Variety and BuzzFeed. The collective is also known for embedding political or rivalry‑based messages in its defacements, as seen when it criticized Anonymous while claiming responsibility for the WikiLeaks breach. Its use of DDoS attacks appears to be retaliatory, often launched in response to perceived harassment from other hacker groups. OurMine’s operations are marked by a pattern of public claiming credit, which amplifies the notoriety of each incident beyond the technical impact. The group's targeting spans sectors such as sports, media, technology and entertainment, reflecting a broad interest in prominent online presences rather than a narrow niche.

Evidence of the group's reach includes the February 2020 compromise of Facebook's Twitter account and Messenger via Khoros, the August 2017 defacement of WikiLeaks' homepage, and the July 2016 DDoS assault on a transparency‑focused website that was framed as retaliation against Anonymous. These incidents demonstrate an ability to affect both major corporate social‑media presences and niche advocacy sites, causing temporary service interruptions and reputational embarrassment. OurMine’s repeated references to past conflicts with other hacker collectives illustrate a motivation that blends technical capability with interpersonal disputes. Collectively, these actions establish OurMine as a persistent actor that leverages simple credential weaknesses to achieve high‑visibility impacts.