Go Daddy admits that it was at fault in the @N case. Paypal denied any fault.
ItWorld covered the story that has been going on for a few days with regards to Naoki Hiroshima, his Twitter handle @N and his Go Daddy account.
The story has been covered inside the domain world and out and now comes an acknowledgement from Go Daddy and a denial from Paypal.
— GoDaddy has acknowledged that one of its employees fell victim to a social engineering attack allowing a hacker to take over a customer’s domain names and eventually extort a coveted Twitter user name from him. PayPal, which the victim claimed also played a role in the attack, denied the accusations.
Naoki Hiroshima, a software engineer and creator of the Cocoyon location sharing mobile app, reported Wednesday in a blog post that a hacker successfully extorted him into giving up his single-letter Twitter user name, called @N, after first hijacking his domain names registered at GoDaddy, email address and Facebook account.
Hiroshima claims he had received offers in the past from people willing to buy his @N Twitter handle for as much as US$50,000. He also said he regularly receives password reset emails from Twitter, suggesting that the account is a constant target for hackers.
The article goes on to talk about Paypal and their refusal to accept any responsibility which seems odd, since the hacker said how he got the info from them.
From the article:
PayPal dismissed the claims that its employees released personal information or credit card details from Hiroshima’s account.
“We have carefully reviewed our records and can confirm that there was a failed attempt made to gain this customer’s information by contacting PayPal,” the company said in a statement Wednesday on its website.
“Our customer service agents are well trained to prevent social hacking attempts like the ones detailed in this blog post,” PayPal said. “We are personally reaching out to the customer to see if we can assist him in any way.”
While he regained control of his domain names, Hiroshima still hasn’t recovered the much coveted Twitter user name. The hacker seems to have deleted the @N account following the attention attracted by the developer’s blog post and story.
“It seems that Twitter simply ignored my claim and let somebody grab @N freely. Seriously?” the developer said Thursday on Twitter.
How Twitter can ignore this I have no idea, but who knows I have never found them to be the sharpest when it comes to people manipulating them to get access to a handle that has been inactive.