Data breaches…the gift that keeps on giving. At least, that’s the way Facebook co-founder Mark Zuckerberg has been experiencing them lately. Thanks to (probably) the 2012 LinkedIn hacking event, the social media creation whiz had three of his online accounts breached. How does that add up?

Mark Zuckerberg and hackers

Data that was stolen in 2012 was released only a matter of weeks ago on a dark web sales platform. Information that was stolen all that time ago included usernames, emails, and passwords for the business-oriented networking platform. Anyone who had established a LinkedIn account–and then promptly forgot about it–may have inadvertently been using a password on that site that they repeated on another site.

Hence the hacking of Zuckerberg’s Twitter and Pinterest accounts. Once the thieves accessed his LinkedIn account using the outdated, stolen information, they tried their hand at his other accounts and landed on access to two other social media accounts. Unfortunately, the genius behind arguably one of the most game-changing tech innovations of recent times reportedly used “dadada” as his password.

Security experts have warned for some time that using weak passwords and then reusing your passwords on multiple sites is just courting danger. A strong password is one that contains an unguessable combination of letters (upper and lower case), numbers, and symbols; it should never contain any part of the user’s name, email domain, or the name of the website where the account is based. Of course, it should also not be one of the single most common passwords in use: password.

Also, as the term implies, a unique password is one that you only use on one account. Had Zuckerberg heeded this crucial warning, the group who accessed his information on LinkedIn would have gotten no further than that lone account. The problem comes in trying to create a strong password that meets the above criteria, then trying to remember it for every different online account. This proves impossible, which is why experts recommend downloading a password manager like LastPass.