Author Topic: I May Have Been Hacked  (Read 160 times)

Offline SGOS (OP)

I May Have Been Hacked
« on: September 13, 2017, 01:15:14 PM »
Specifically, my amazon account may have been hacked.  It appears that someone got my email address and my password, and requested that Amazon change my email address.  It was to some strange address that didn't look like a typical email address, but more like a site.  It ended in ".ru"

I was notified just prior to my panic by email from amazon informing me that "I" had requested a change in email address, and I couldn't contact them to tell them I never made such a request, because to do so on their site required that I give them my password which they would not accept.  I finally located a customer service phone number (not available to me without a password) by googling "amazon customer service, phone." 

I talked to a rep that is contacting an amazon specialist to call or email me in the next 24 hours to work this out.  I was told my account is now frozen until we solve this.  It's a creepy feeling to have this happen, and I'm nervous about it.  I googled the email address, but there were no customary links.  It was one of those pages that shows up and mostly focuses on the google request.  I saw brief phrases from forums discussing spam, scam, and Russia in regards to the email address.  I did not attempt to sign into any of them.  The last thing I want to do is give out more personal information at this time.

I had just finished opening an account at imgur.com, but it may be a coincidence that amazon's notification happened just afterwards.

Offline PickelledEggs

Re: I May Have Been Hacked
« Reply #1 on: September 13, 2017, 01:22:03 PM »
A friend of mine recently got hacked on amazon... I wonder if there is a security leak...
"Tell Pilate to release the files!!!" - Bill Hicks
"I have an open mind, but not so open that my brains will fall out" -James Randi
"One who truly hates himself cannot love, he cannot place his trust in another." - NGE

Re: I May Have Been Hacked
« Reply #2 on: September 13, 2017, 01:26:40 PM »
Corporate security seems to be sloppy, no matter which corporation it is. If they want to keep their customers they'd better get their shit together. No one seems to be safe, except those who don't use the internet at all.
God Not Found
"Never criticize someone unless you've walked a mile in his shoes. Then when you criticize him at least you'll be a mile away - and you'll have his shoes."
Ray Magliozzi
"Time you enjoy wasting is not wasted at all."

Offline SGOS (OP)

Re: I May Have Been Hacked
« Reply #3 on: September 13, 2017, 01:55:54 PM »
Corporate security seems to be sloppy, no matter which corporation it is. If they want to keep their customers they'd better get their shit together. No one seems to be safe, except those who don't use the internet at all.
You know, I've had that same thought.  Internet sites gather personal data, seemingly data they don't even need, as if their security is air tight and their integrity is beyond reproach.  I have the suspicion many, maybe most, value my data, probably so they can sell it for profit. We live in a new age where even personal trivia has a value.

Offline SGOS (OP)

Re: I May Have Been Hacked
« Reply #4 on: September 13, 2017, 01:59:52 PM »
A friend of mine recently got hacked on amazon... I wonder if there is a security leak...
I asked the rep if my phone call had a familiar sounding concern, and she said, "No, this is the first time I have heard about this specific concern."  Of course that doesn't really mean much.  It may or may not be true.

Offline Baruch

Re: I May Have Been Hacked
« Reply #5 on: September 13, 2017, 03:05:04 PM »
I asked the rep if my phone call had a familiar sounding concern, and she said, "No, this is the first time I have heard about this specific concern."  Of course that doesn't really mean much.  It may or may not be true.

Was the rep named "Boris" of "Natasha"?  Don't worry, Putin just needed you to pay for his Playboy renewal ;-)
שלום

Offline SGOS (OP)

Re: I May Have Been Hacked
« Reply #6 on: September 13, 2017, 03:13:25 PM »
Was the rep named "Boris" of "Natasha"?  Don't worry, Putin just needed you to pay for his Playboy renewal ;-)
No, but as usual, I had a difficult time understanding her Mideast accent.  I hope the specialist is easier to understand.

Offline Baruch

Re: I May Have Been Hacked
« Reply #7 on: September 13, 2017, 03:16:08 PM »
Corporate security seems to be sloppy, no matter which corporation it is. If they want to keep their customers they'd better get their shit together. No one seems to be safe, except those who don't use the internet at all.

Correct ...
https://arstechnica.com/information-technology/2017/09/equifax-website-hack-exposes-data-for-143-million-us-consumers/

https://en.wikipedia.org/wiki/List_of_data_breaches

The breaches aren't coincidences.  You are a drug user in an opium den ... don't think that the drug dealer is your friend, or that you are innocent.

« Last Edit: September 13, 2017, 03:18:06 PM by Baruch »
שלום

Offline Baruch

Re: I May Have Been Hacked
« Reply #8 on: September 13, 2017, 03:20:07 PM »
No, but as usual, I had a difficult time understanding her Mideast accent.  I hope the specialist is easier to understand.

After-selling bothers me ... did she offer "convert to Islam now, and we will send you a Ginsu scimitar and a Quran in English, absolutely free (not counting shipping)"?
שלום

Offline SGOS (OP)

Re: I May Have Been Hacked
« Reply #9 on: September 13, 2017, 03:27:58 PM »
https://en.wikipedia.org/wiki/List_of_data_breaches
It's disconcerting that many of these resulted from being lost, stolen, or accidentally published.  Also "poor security" is interesting.  I consider all data at risk all the time.  What does it take to go from at risk to poor?

Offline Baruch

Re: I May Have Been Hacked
« Reply #10 on: September 13, 2017, 03:31:16 PM »
It's disconcerting that many of these resulted from being lost, stolen, or accidentally published.  Also "poor security" is interesting.  I consider all data at risk all the time.  What does it take to go from at risk to poor?

If you are financially hacked in the US, it typically takes $10,000 of effort to restore your credit and identity.  Stealing medical identity is even more lucrative ... you can buy those on the Dark Net for $250 a pop ... ordinary identity is only $150 a pop.  Medicare fraud is a big business.  Why do you pay 21% on your long term credit card balance?  Because MC/Visa has no way of stopping the Armageddon they started ... before the Internet.  This is basically the human face of information entropy.  Once information is created, it diffuses, same as a drop of squid ink released into the ocean.  Once the data breach cost per year equals the total GDP, then we are all data pirates, and the ocean is completely squid ink.
« Last Edit: September 13, 2017, 03:33:55 PM by Baruch »
שלום

Offline Hijiri Byakuren

  • ULC Minister, Honorary Doctor of Divinity
  • *
  • Posts: 5084
  • Total likes: 1709
  • That's DOCTOR Hijiri, to you!
    • The Lore Of Samsara
Re: I May Have Been Hacked
« Reply #11 on: September 13, 2017, 08:17:19 PM »
This is why I appreciate services like Steam that have extra layers of security beyond a username and password. Several months ago a hacker with a Belarus IP address got ahold of my login and tried to access my account; they failed due to Steam Guard requiring verification through my phone (which I of course denied).


Sent while riding my mighty steed: Godzilla

Offline SGOS (OP)

Re: I May Have Been Hacked
« Reply #12 on: September 13, 2017, 08:30:22 PM »
This is why I appreciate services like Steam that have extra layers of security beyond a username and password. Several months ago a hacker with a Belarus IP address got ahold of my login and tried to access my account; they failed due to Steam Guard requiring verification through my phone (which I of course denied).


Sent while riding my mighty steed: Godzilla
Cool.

Re: I May Have Been Hacked
« Reply #13 on: September 13, 2017, 10:47:16 PM »
This is why I appreciate services like Steam that have extra layers of security beyond a username and password. Several months ago a hacker with a Belarus IP address got ahold of my login and tried to access my account; they failed due to Steam Guard requiring verification through my phone (which I of course denied).
MFA ftw.

Authentication is based on one of three things:
* Something you have (car keys)
* Something you know (PIN, password)
* Something you are (thumbprint, retinal scan)

Requiring two or more makes it that much harder for an attacker to compromise the account.  It's also a slight inconvenience for the end user, but that's the cost of security.

Offline Cavebear

Re: I May Have Been Hacked
« Reply #14 on: September 14, 2017, 01:42:38 AM »
I had a ru site visting my blog, so I panicked and backed it up.  Changed my password to REALLY long weird stuff. 

Nothing bad happened, but it IS a good habit once a month.  And keeping your routine backups not on your computer...
Atheist born, atheist bred.  And when I die, atheist dead!