Ask anybody about the importance of online security and data management, and you’ll probably hear similar advice. Back up your files regularly. Don’t use the same weak password everywhere. Enable two-factor authentication. A digital life necessitates a layer of precautions that can be repetitive and even exhausting to maintain. It’s easy to brush off the warnings we’ve all heard hundreds of times because “that’ll never happen to me.” Until it does.
When I went to sleep last Monday night, I had no idea that I’d open my eyes to dozens of confusing notifications and my Twitter account taken over by a security hacker group. It caught me completely off guard, but it didn’t have to be that way. Hopefully by relaying my story and some hard lessons I learned along the way, I can help you avoid the same situation as you manage the safety and security of your online accounts and data.
Just after 11 P.M. on August 28th, after I’d gone to sleep, emails started to pop up in my inbox. “Security alert: new or unusual Twitter login,” and “Reset your Hover Password.” Within minutes, my Twitter account was compromised and logged into from a device and location I was unfamiliar with. The password and email address associated with the account were changed, and my entire profile was defaced.
The majority of my 117,000 tweets were deleted, and my following list was emptied. It was as if several years of my life online suddenly ceased to exist. Had I been awake at the time of the attack, perhaps I could’ve taken quicker action, but this group operated overnight.
As I woke up the next morning, I began to realize how potentially dangerous this situation was. My account was connected to dozens of other apps and services that allow you to “sign in with Twitter.” It wasn’t just my social accounts at risk, it was my entire digital life. Sloppy security had put me in this position. I hadn’t enabled two-factor authentication. I had reused the same password on several accounts as so many of us do. To a hacker, I was essentially an open door.
I found out that the hacking group OurMine was responsible for the attack. OurMine has hacked high-profile Twitter accounts in the past, including those of Twitter founder and CEO Jack Dorsey, Sony, HBO and plenty of others. The group continues to wreak havoc online, most recently defacing WikiLeaks. For some reason, they targeted me as well.
Inside my account, hackers were having fun. I received a notification that my Twitter archive was ready to be downloaded. Since my account still had authorized access to Tweetbot, I continued to receive notifications for some time after I lost control of the account, which is how I found out that the hackers were chatting with followers of mine via Direct Message. (I used a second Twitter account to try to alert my followers to the compromise.)