Someone’s up in my Yahoo account RIGHT NOW, and i can’t do anything about it.
Category: rants
ruby’s rants & randomness
If you’re not outraged, you’re not reading my blog.
Twitter / mat: @kathrynyu Sounds like the …
Twitter / mat: @kathrynyu Sounds like the …
-
@mat @ruby’s Twitter, Paypal, Dreamhost, Apple ID, etc was hacked and her Twitter account was taken over. http://rubyji.tumblr.com/ Familiar…
-
@kathrynyu @Lia @notrubyyo no I had not seen it. Do either of you know her? Honestly not sure what can be done w/o Twitter but happy to help
Maybe Mat Honan 
Kathryn Yu @kathrynyu Sounds like the email is at the root of the problem. I’d check with Apple and make sure no purchases were made
We-pick-em!
Getting started with login verification | Twitter Blog
Getting started with login verification | Twitter Blog
So it turns out that less than a week ago, Twitter quietly implemented two-factor authentication, which could have really helped protect me form this attack. I have been begging for more security on my account for a while but Twitter either didn’t tell anyone about this, or I missed it while I was immersed in DrupalCon Portland all week.
Every day, a growing number of people log in to Twitter. Usually these login attempts come from the genuine account owners, but we occasionally hear from people whose accounts have been compromised……
Here’s Brian’s screenshot of how my account looked last night when @ruby had been changed to @notrubyyo.
Dreamhost/domain hacked?
I’m starting to think this problem goes back before yesterday. It was on Saturday that I originally noticed that my web site at lotusmedia.org was messed up. It’s a WordPress site and it was failing to connect to the database.
I tried updating the WP software from my Dreamhost control panel, as this sometimes straightens things out, but it made no difference. Dreamhost is the server for my website, but it’s also the domain name server for lotusmedia.org and several other domains that I own.
I can’t log in to Dreamhost now, but I did verify that the domain name registration hasn’t changed at least. I’m wondering if the hackers have accessed my ruby@lotusmedia.org address, which currently goes right into my Gmail account. I’m still getting messages sent to that address, but maybe they are too!
Um, yeah. So this is the profile photo on the hacked @ruby account. Think people will notice it’s not me?
Overnight, they changed the bio to:
—— J —— Hack Forums 😀 5/27/13
What’s hapenning to Twitter followers
Got the following from a friend:
Hi Ruby. I hope you are doing well. FYI, it looks like something might be going on with your Twitter account. I got a message that you unfollowed me because I was not following you. So in trying to go to your account with the picture of you and Izzy to see if I was somehow not following you it repeatedly switched to some other account, @ruby I think, with zero tweets, zero friends and followers. Your account appears for a split second then disappears. I know this sounds weird, but there you have it.
iPhone
Last night after I went to bed, I got an e-mail verifying my address from Apple. (I had tried earlier to reset my password with them but never got the e-mail.) Then five minutes later I got notification that Your Apple ID was used to sign in to iCloud on an iPhone 4S.
Of course I don’t have an iPhone. As I mentioned before, the Apple ID was one of the big weaknesses that let hackers dismantle Mat Honan’s digital life.
The only other update is that the bio for https://twitter.com/ruby was updated, but they still haven’t actually posted anything.
I’m trying to figure out how to make it possible for people to comment here.