January 30, 2014
High Profile Twitter Hack Implicates GoDaddy And PayPal
Peter Suciu for redOrbit.com – Your Universe Online
To paraphrase Shakespeare, what’s in a Twitter handle? A tweet will still be 140 characters, but for N Methods CEO Naoki Hiroshima his tweets won’t come through his once coveted Twitter handle @N. According to online reports, he had been offered as much as $50,000 for it, but apparently “traded” the username to an unidentified hacker.
Moreover, Hiroshima puts some of the blame on GoDaddy, which hosts both his domain name and vanity e-mail address. CNet reported that Hiroshima called the domain registrar and web hosting company to find out why he couldn’t log in and was asked to verify his account. He was unable to do either.
Hiroshima, who is also head of mobile at Lark Technologies, received an email from an unnamed hacker who said that he had accessed Hiroshima’s GoDaddy account, and then changed all of his personal information thus rendering the account completely inaccessible.
The hacker then said he wanted full control over the @N Twitter username.
“I see you run quite a few nice websites so I have left those alone for now, all data on the sites has remained intact,” the attacker reportedly wrote to Hiroshima as reported by CNet. “Would you be willing to compromise? access to @N for about 5 minutes while I swap the handle in exchange for your godaddy, and help securing your data?”
Hiroshima accepted the offer and traded his Twitter account, while the hacker then provided tips on how he could make his accounts more secure.
According to the reports, the hacker had called PayPal and used social engineering to gain the last four digits of Hiroshima’s credit card, which the hacker used as a way to verify account information with GoDaddy. This in turn began a chain of events that gave the hacker control over nearly everything else that belonged to Hiroshima in the digital sphere.
“Most websites use email as a method of verification. If your email account is compromised, an attacker can easily reset your password on many other websites. By taking control of my domain name at GoDaddy, my attacker was able to control my email,” Hiroshima posted on his blog.
For its part, PayPal apparently has denied that it released the information about Hiroshima to anyone. It initially denied this via Twitter and then released an official statement:
“As we do with all incidents of this nature, we immediately began an investigation to understand the details of the case. While it is against our policies to discuss details related to our customers' accounts, we did want to provide at least a few facts publicly,” PayPal said in a statement.
It added, “We have carefully reviewed our records and can confirm that there was a failed attempt made to gain this customer’s information by contacting PayPal. PayPal did not divulge any credit card details related to this account. PayPal did not divulge any personal or financial information related to this account. This individual's PayPal account was not compromised.”
GoDaddy's Chief Information Security Officer Todd Redfoot accepted that the company was in fact partially responsible for letting Hiroshima’s accounts be hacked.
“Our review of the situation reveals that the hacker was already in possession of a large portion of the customer information needed to access the account at the time he contacted GoDaddy,” Redfoot said in a statement. “The hacker then socially engineered an employee to provide the remaining information needed to access the customer account. The customer has since regained full access to his GoDaddy account, and we are working with industry partners to help restore services from other providers.”
GoDaddy is now reportedly changing how its employees are trained so as to avoid similar social engineering attacks.
For now it isn’t clear if Hiroshima will get his @N Twitter handle back. TechCrunch reported that Twitter has banned the @N account for now.