$50,000 Twitter Handle Restored to Its Rightful Owner

$50,000 Twitter Handle Restored to Its Rightful Owner

Naoki Hiroshima is now back in control of his valuable single-letter Twitter handle: @N.

You may recall the story of Naoki Hiroshima, a Japanese blogger whose extremely rare single-letter Twitter handle (which he valued at up to $50,000), was stolen from him by a hacker abusing PayPal and GoDaddy security flaws. We're glad to report that, as Hiroshima himself puts it, "Order has been restored", and Twitter has restored the stolen account to its rightful owner.

Twitter said it was "investigating" following Hiroshima's publication of the incident, and did not return the handle to him right away. The @N account was made private and was later shut down, but access was not restored to Hiroshima until today.

Hiroshima's hacker was able to gain access to his GoDaddy account using incomplete credit card information obtained from PayPal, and masquerading as an employee to the technical support consultant.

Hiroshima managed to figure out something was up when his PayPal and GoDaddy went down, and quickly changed the associated email address for his Twitter. But, at this stage, the hacker turned to extortion, claiming that he would delete all of Hiroshima's GoDaddy domains if he didn't turn over the username.

PayPal, of course, denied that the whole thing happened, claiming that "Our customer service agents are well trained to prevent social hacking attempts like the ones detailed in this blog post," and GoDaddy didn't even offer a comment.

It's nice to see this story get a happy ending.

Source: Ars Technica

Permalink

Steven Bogos:
Interesting

I enter this as Exhibit A towards the hacked Searcy account theory I proposed in the other thread. If it can happen to this man, it can happen to anyone.

OT: Good to know that he got it back. We can't be too careful about these things.

Overall this story is sorta strange. I cannot put my finger on it but I guess that in the end it feels more like it should be in a film or novel rather than playing out in real life.

Lessons to learn from this:
-Avoid GoDaddy like the plague
-PayPal is not trustworthy either, and will give out credit card info over the phone
-Twitter doesn't care about their users at all

It's good to see @N finally got his account back, but without the media jumping on this it would have been lost. This has happened to other "valuable" accounts in the past, and Twitter is notoriously unhelpful unless you're a big company.

Wait. How is a Twitter account worth that amount of money? What am I missing here?

AgentLampshade:
Wait. How is a Twitter account worth that amount of money? What am I missing here?

Its a rare single digit account name, they are desirable and because you cannot get one now and its given them a perceived value that some people are willing to part with to acquire one. Its the same situation you get with certain car registry plates, phone numbers and e-mail addresses

Back OT,

As for the guy getting it back, good for him. If he didn't want to sell it he must have really liked it and having it stolen through no fault of his own must have pissed him off, yes, yes first world problems and all that but its never nice having things you like stolen. Its nice to see that he got it back, I wonder if it would have happened without all the media attention though.

J Tyran:
I wonder if it would have happened without all the media attention though.

It wouldn't. The previous case I know of this was when @djs was stolen, now @devinsnipes. After about 6 months of doing nothing @djs was finally suspended, but not returned.
And there are other cases in the past. Unless the victim manages to cause a media uproar like @N did, Twitter will ignore them.

erbkaiser:

J Tyran:
I wonder if it would have happened without all the media attention though.

It wouldn't. The previous case I know of this was when @djs was stolen, now @devinsnipes. After about 6 months of doing nothing @djs was finally suspended, but not returned.
And there are other cases in the past. Unless the victim manages to cause a media uproar like @N did, Twitter will ignore them.

Disgusting really, you think they would care about their users a bit more but its par for the course with a lot of companies.

The fact that people trust Paypal with large sums of money given their track record of bad security, freezing accounts for no good reason, and general bad overall service saddens and confuses me. On top of all that their dispute system is set up in such a way that it totally hoses the seller in almost every way possible. Ok, my Paypal rant is over now . . . .

J Tyran:
Disgusting really, you think they would care about their users a bit more but its par for the course with a lot of companies.

The dirty truth at last huh? Those social networks who insist they're all about you and making you happy really are just another money grabbing organization of jerks like everything else!

I feel so betrayed.

OT: As surprising as it is that someone would value a Twitter account at that high a number, I'm shocked someone would actually go through the effort of stealing it. I guess I still just don't understand the internet.

I suppose I should be glad he got his 'valuable' property back.

AgentLampshade:
Wait. How is a Twitter account worth that amount of money? What am I missing here?

It is not. The owner says it has this much value, which is about as valid as if I'd say my desk is worth $10 million.

AFAIK he even had it up for auction for those $50,000 and didn't sell it, therefore its value is obviously not that and the media should not refer to it as such.

AgentLampshade:
Wait. How is a Twitter account worth that amount of money? What am I missing here?

Someone offered $50,000 for it because single-letter accounts are rare...only 26 in existence :P

But yea, let's all take away what we've learned from this:

1.) Don't use Go Daddy. Take a few hours to actually learn how to create and host a website. It will be higher quality and more secure.

2.) Use a real bank, not Paypal.

I think GoDaddy are the ones who need to be the most ashamed of this whole thing. From what I've heard, the deal was that they would give the hacker access to the account based on the last four digits of the credit card if he was able to provide the first two number; then they let him guess TEN FUCKING TIMES! And that's just ten times until he got it; who knows how long they'd have let him go? It's called "security" for a reason, GoDaddy.

So pretty everyone involved with this ought to be ashamed of themselves?

Pretty much a fail all'round.

Its sad that this shit can still happen.

Steven Bogos:
PayPal, of course, denied that the whole thing happened, claiming that "Our customer service agents are well trained to prevent social hacking attempts like the ones detailed in this blog post," and GoDaddy didn't even offer a comment.

Remember, as long as you deny EVERYTHING, there is no way the Internet will document this incident and scream from the highest rooftops that you suck.

Not at all.

This has never backfired against anyone ever.

I would like to thank Steven for writing about this because so often we get stories of something like the twitter hack without ever hearing about how it ended. So i thank you for showing us the conclusion.

 

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here