Twitter User Loses @N Twitter Handle Worth $50,000, How PayPal and GoDaddy Might Be At Fault and Who Owns It Now
Having a one-letter-Twitter handle might be worth thousands of dollars, but who would've known the extent to own it. For Naoki Hiroshima, his @N was lost, and it was worth $50,000.
"People have tried to steal it. Password reset instructions are a regular sight in my email inbox," wrote Hiroshima on Medium.com. "As of today, I no longer control @N. I was extorted into giving it up."
Hiroshima elaborated how somebody attempted to steal from his PayPal account and received a text message from the company for his one-time validation code. It was Jan. 20. It wasn't until later that day he received a message from GoDaddy when checking his email through Google Apps. The GoDaddy message stated his Account Settings were modified and if he didn't make the changes, he should log into his account or contact customer support. After logging in failed, Hiroshima contacted GoDaddy. It should've been an easy process to valid Hiroshima's identity except an attacker changed it all.
"I had no way to prove I was the real owner of the domain name," added Hiroshima.
A GoDaddy representative, as an alternative, told him to file a case report using his government identification. He expected this process would be enough to prove his identity and ownership of his account.
He was wrong.
Since his GoDaddy account was compromised, control of Hiroshima's email was out of his hands.
"I soon realized, based on my previous experiences being attacked, that my coveted Twitter username was the target," said Hiroshima.
He received a Facebook message from an unknown user stating to change his Twitter email address.
"I assumed this was sent from the attacker but I changed it regardless. The Twitter account email address was now one which the attacker could not access," he added, noting the attacker tried to reset his Twitter password on a number of occasions and even opened an issue with Twitter's Zendesk support page.
Twitter required the attacker to establish more information proving Hiroshima's identity. The attack then went onto Facebook. Alas, the attacker finally contacted Hiroshima via email and confirmed the twitter handle @N was the target. GoDaddy domains belonging to Hiroshima were also under the control of the attacker, who stated he will not harm the domains unless there's access to @N.
GoDaddy proved no help for Hiroshima since he was not listed as the "current registrant." Therefore, GoDaddy contacted the attacker to validate account information instead of Hiroshima. He was infuriated but nothing on behalf of GoDaddy helped solve the issue. Contacting Twitter seemed to go nowhere, and Hiroshima realized the best way to end the extortion was to give up @N. Hiroshima changed his Twitter handle to @N_is_stolen. Afterwards, Hiroshima was given control of his GoDaddy domains again.
In a weird twist, the attacker elaborated on how he or she was able to infiltrate his GoDaddy account.
The attacker called PayPal and managed to obtain Hiroshima's last four digits of his credit by using "very simple engineering tactics." In regards to the GoDaddy accounts, the attacker called GoDaddy and claimed he lost his card but remembered the last four digits.
"If you are using your Google Apps email address to log into various websites, I strongly suggest you stop doing so," wrote Hiroshima. "Use an @gmail.com for logins. You can use the nicer custom domain email for messaging purposes, I still do."
Hiroshima stated "stupid" companies might give out one's personal information such as credit card numbers to the wrong person, and it is best to not let such companies store credit card information. He also noted he's leaving GoDaddy and PayPal "as soon as possible."
The saga of the @N Twitter handle continued as it now belongs to a different owner. The latest twist is it isn't Hiroshima or the attacker. It is unclear who's the new owner.
According to a 2012 Pew Research Center study, Hispanics accounted for the second-largest race/ethnicity of Twitter users after Blacks.
It seems that Twitter simply ignored my claim and let somebody grab @N freely. Seriously?
— Naoki Hiroshima (@N_is_stolen) January 30, 2014
__
For the latest updates, follow Latin Post's Michael Oleaga on Twitter: @EditorMikeO