Another week, another round of hackers stealing customer information—or, in a very strange case, one customer’s online identity.
Yahoo took to Tumblr Friday morning
to announce that someone had attempted to access to some Yahoo Mail accounts. The company didn’t give a number of accounts affected, but it did say the hack was probably the result of a “third-party database compromise.”
“We have no evidence that they were obtained directly from Yahoo’s systems,” the company’s post states.
Yahoo offered users a list of tips for keeping accounts secure and said it has reset the passwords on the accounts that were affected.
Meanwhile, online domain registrar GoDaddy stepped up to admit that it played a role in a hacker stealing the Twitter handle @N from app developer Naoki Hiroshima, who has started tweeting under the name @N_is_stolen
Here’s how someone reportedly got hold of Hiroshima’s coveted one-letter handle: The hacker reportedly called PayPal and asked for the last four digits of Hiroshima’s credit card number. (PayPal denies ever having given that information out
.) Then the hacker called GoDaddy, where Hiroshima had set up the domain for his personal website, and guessed at the rest of Hiroshima’s credit card number.
Through that, the hacker gained access to Hiroshima’s site and his email, holding it hostage until Hiroshima gave up his coveted Twitter handle.
[RELATED: Ragan's new distance-learning site houses the most comprehensive video training library for corporate communicators.]
GoDaddy’s Chief Information Security Officer Todd Redfoot released this statement, according to TheNextWeb
Our review of the situation reveals that the hacker was already in possession of a large portion of the customer information needed to access the account at the time he contacted GoDaddy. The hacker then socially engineered an employee to provide the remaining information needed to access the customer account. The customer has since regained full access to his GoDaddy account, and we are working with industry partners to help restore services from other providers. We are making necessary changes to employee training to ensure we continue to provide industry-leading security to our customers and stay ahead of evolving hacker techniques.
Based on several Wednesday tweets from Hiroshima, the hacker apparently simply deleted his @N account. Twitter then allowed someone else to register the name. The account currently lacks any tweets