So Twitter will only respond to email@example.com, which was associated with @ruby. The hackers changed @ruby to @notrubyyo, and then deleted it. Who knows what address they have associated with the new @ruby account?
My Dreamhost account (which includes lotusmedia.org DNS) has been hacked and they are also not talking to me because I haven’t successfully proven who I am to them. (Only their customer of about 12 years.) Their password reset only uses e-mail, no security questions or SMS back up.
Dreamhost are also much slower to respond when they think I’m not a customer so it’s taking forever to get anywhere, and they refuse to talk on the phone.
After being a loyal customer for well over ten years, Dreamhost is apparently brushing me off like so much dandruff. I can’t understand why they’re not concerned about a known malicious hacker having access to their web servers, DNS, e-mail servers, etc.
As you have not provided the primary four digits of the account number in
question, I am unable to verify that this card is on file.On Tue, 28 May 2013, you wrote:
> Hello? You stopped responding. I can’t express to you the level of
> additional damage that is possible while the hackers are in control of my
> web spaces and domain names!
> Would it be better to call? My number is XXX-XXX-XXXX.
> = Ruby
Unfortunately, due to documentation requirements, phone call back support
is unavailable for abuse and security related issues.
If you have any further questions regarding your DreamHost services,
submit a support request at any time.
And since I can’t get to my address at firstname.lastname@example.org, Twitter (where I have been a user since 2006) won’t even talk to me. No concern at all about the loss of 17k tweets and 3k followers. When I get home I will tear up the house trying to find whatever freaking credit card I’ve had on my Dreamhost account forever.
This morning I restored access to my Apple ID and locked out the hacker. I also got this from Twitter, just reinforcing that they do not give a shit about me (one of their first 1,000 users).
Unfortunately, we need to communicate with you via the email address that has been associated with the original account. Please work with the email provider to secure your email account. I’ve just sent you another email to that email address.
Anyone can enter your username in this form and trigger a password reset: https://twitter.com/account/resend_passwordTo make it more difficult to trigger a password reset, you can enable the option ‘Require personal information to reset my password’ in your account settings under https://twitter.com/settings/account
Notice how there is not even any interest in my archive of tweets, nor my 3,000+ followers. And I have not heard back from Dreamhost, which is the main hurdle in getting access to my e-mail at lotusmedia.org.
That’s the IP address from which my Dreamhost account was reset.
Also the hacker sympathizer that’s been posting here on my Tumblr is email@example.com, IP address: 188.8.131.52, for whatever it’s worth.
I have regained full access to PayPal, as well as Yahoo and Amazon. I’ll be talking to Apple tomorrow. Also orangepolitics.org isn’t actually hacked, it’s just the domain name.
I still don’t have Dreamhost back (which is the root of the problem) but they agreed to lock everyone out until it’s straightened out. Yay.
Well, it looks like the hackers got my community website, too. I think this confirms my suspicion that they are fucking with my domain names by way of hacking my Dreamhost account. They’re usually very responsive, but DH has not replied to my urgent messages for over 24 hours.
This is what orangepolitics.org looks like now:
As I am unsure whether my e-mail is compromised, please use firstname.lastname@example.org to reach me in the immediate future. Sigh.
OK, Amazon.com wins the prize for being the first company to help me fix things! One down, 10 to go…
It’s been over 12 hours since I heard a peep from anyone at Twitter, but several folks I know say they are contacting friends who work there.
Meanwhile, I just got an unsolicited password reset e-mail from my secret back-up Twitter account! Either Twitter is helping me fix the wrong account, or I am under additional attack. Ugh!