How I lost my $50,000 Twitter username

Discussion in 'other security issues & news' started by Minimalist, Jan 29, 2014.

Thread Status:
Not open for further replies.
  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,067
  2. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    If Paypal is doing crap like that, no one has any business using them.
     
  3. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,952
    Location:
    U.S.A.

    Related: PayPal Takes Your Security Seriously, Featuring Editor, PayPal Forward.​
     
  4. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    Of course PayPal denies the accusations. I had a bad experience with them a few years ago and refuse to ever do business with them again.

    An interesting article that shows that you can get robbed by no action of your own.
     
  5. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
  6. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    http://arstechnica.com/security/2014/01/picking-up-the-pieces-after-the-n-twitter-account-theft/
     
  7. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,280
    Same here.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,067
  9. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    This.
    Don't use the same identity for every single service online; compartmentalize.
    With 'fake' identities you only have all the details from, social-engineering becomes a no-go.
    And lock/disable accounts for 'reset-password-by-phone'.
     
  10. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    Thank you for posting these articles. This is extremely interesting and enlightening reading. It has made me look at the security of my own domains and accounts.

    I have to admit, if I had been offered $50,000 dollars for the letter N on Twitter, I would have tried to get $100,000 for it--maybe auction it on eBay or somewhere else. Then I could have relieved myself of the security problem and could laugh to myself for the rest of my life about the huge amount of money I got for a letter of the alphabet. :D
     
    Last edited: Feb 2, 2014
  11. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    That is the best option IMO, but I'm not sure if it's possible.
     
  12. FreddyFreeloader

    FreddyFreeloader Registered Member

    Joined:
    Jul 23, 2013
    Posts:
    527
    Location:
    Tejas
    :thumb: :thumb: :thumb: :thumb: :thumb: :thumb: :thumb: :thumb: :thumb:
    Wonder how long before another thief steals the account?
     
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,067
    Same here. I've also checked my accounts and have made some changes. Nothing can protect you against social engineering on provider's side. Most accounts that I use, doesn't have an option to prevent password reset by phone. So there really isn't much one can do. Just not to put all eggs in one basket.

    hqsec
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    http://arstechnica.com/security/201...up/?comments=1&post=26147901#comment-26147901
     
  15. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    With all this noise did he got it back, not clear to me... o_O
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    Thank you for sharing your story. I will be making changes to my paypal account immediately. Do you think you may have a case for litigation? I would really look into this. If you can prove that they violated their own terms of service then you definitely have a lawsuit, and you may have one even if they did not. It's definitely worth looking into. Companies almost never change until they are forced to be accountable for their negligence through litigation.
     
  17. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    The problem is which changes you can make to secure paypal?? There is no possibility to opt out of phone support. However you have the option to add a PIN that you will need to use when calling paypal. Will it help? o_O
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,067
    This is not my personal story. I only shared link to story that I've found. I do agree with you about possible lawsuit.

    hqsec
     
  19. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    Ok, thanks for clearing that up. I hope they do pursue litigation to protect us all from this type of poor business practice!
     
  20. SuperHax

    SuperHax Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    20

    Screw paypal, people need to start using alternatives.
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,067
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    Maybe this will be a lesson to hackers to not waste their time with trying to steal user's twitter handles.
     
  23. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Interesting.
     
  24. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    If there were any. Usually you can pay by a card or by paypal and that is it and paypal is obviously safer.
     
  25. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Unfortunately in some places, there are none.
     
Loading...
Thread Status:
Not open for further replies.