A couple of years ago my Gmail acct was accessed by someone in Hungary. I am not sure how they got in but I changed my password immediately. I lost several thousand email messages. I implemented a difficult to type and guess password, used two step authentication and started to change up my passwords frequently.
Over time I got careless. I hated two step authentication and instead of a hard to type password, I used a much easier one. A sports team.
A couple of weeks ago I realized that I had become careless and “calgaryflames” was not a good password for my email. I saw this post by Khoi Vinh and realized that I needed to up my game but never got around to it.
Yesterday on the 5:15 p.m. Saskatoon Afternoon roundtable, I mentioned that I was a Calgary Flames fan and realized that I needed to change my password again.
As I got home last night, people asked me if I was deleting tweets. I wasn’t and decided to see what was going on and I could see tweets disappearing in front of my eyes. My first thought was that Twitter was having a server error but then I realized that no, they were being deleted rapidly. I tried to log into Twitter and could not. That wasn’t good.
I checked my email and that was locked as well. After getting that unlocked and my old access back, I was able to have my Twitter password sent to me.
By that time, all of my tweets except for two retweets were gone (those two retweets disappeared last night). At the same time I realized that my blog was hacked as was two other social networks.
I have backups of my blog and I restored that database. By that time I kind of noticed emails were missing. Basically some of the messages that I had that were filtered a certain way were deleted. It also looks like some searches were done and then the messages were deleted. I have asked Google to see if I can get those back but from what I have read, they are gone.
Gmail does log IP addresses that log into the service but those are dead ends. When I searched them, they lead to an anonymous offshore IP service that hides IP addresses. You know if case you have to hack someone’s account. If you searched for “password” in my email account, that would have given you all of my passwords or the ability reset passwords. That is what screwed things up for me and gave them the keys to other services.
Everyone wants to know if it was just random or if someone was looking for something. I don’t really know but my feeling is that they hacked the password, looked around, saw a lot of boring stuff, deleted some crap, and left once I started to freeze and re-access somethings.
Did they find anything interesting? No. Things I hold in confidence are actually stripped of identifying information and forwarded to a secure account. Traces of which are deleted from my email system. So what they found are social media passwords (doh!), XS Cargo flyers (yawn) and recommendations from Amazon on what I need to read next.
So to avoid this from happening to you, here are the steps you need to do to keep your data safe.
- Set up two-step authentication on all accounts that provide it
- Use Diceware to create secure passwords for all your email accounts
- Create a unique email address for your most valuable log-ins
- Use a good password utility to create unique, strong passwords for every site you visit
- Create fake security-question answers
- Freeze your accounts with all three credit agencies
- Don’t let Web sites store your credit card info
- Hide your Who-is listings if you own your own domains
- Set up WPA-2 encryption on your wifi router
- Never click links in email
- Prepare ahead of time for identity theft or hacking