Rare Twitter username 'stolen'

Twitter logo One-character Twitter names are rare

Related Stories

The owner of the Twitter username @N claims it has been stolen from him by a hacker.

Naoki Hiroshima, a software developer from California, has had the Twitter handle @N since 2007.

In a blog post he said he had previously been offered $50,000 to sell it and people had tried to "steal" it before.

This time, he said, someone took control of other online accounts he had until he agreed to give it up.

Mr Hiroshima said his Twitter name was considered rare as it only contains one character.

He explained said that a hacker gained access to his GoDaddy account - a domain name registration service - and had changed the account settings to gain access to his personal email.

In a subsequent email exchange, the hacker told Mr Hiroshima that he had managed to access his GoDaddy account by learning the last 4 digits of his credit card number.

He claimed to have done this by contacting PayPal, where Mr Hiroshima has an account, and posing as an employee. Then he said he used "some very simple engineering tactics to obtain the last four [digits] of your card".

Social engineering

In a statement PayPal denied that it had given out Mr Hiroshima's details.

"We have carefully reviewed our records and can confirm that there was a failed attempt made to gain this customer's information by contacting PayPal.

"PayPal did not divulge any credit card details related to this account."

GoDaddy said in a statement to news website TechCrunch that one of its employees had been "socially engineered" to provide the hacker with the information needed to access Mr Hiroshima's account.

Social engineering is a method of tricking someone in to doing something they should not - in this case divulging confidential information.

In its statement GoDaddy said: "Our review of the situation reveals that the hacker was already in possession of a large portion of the customer information needed to access the account at the time he contacted GoDaddy.

"The hacker then socially engineered an employee to provide the remaining information needed to access the customer account. "

Irreversible disaster

Mr Hiroshima eventually gave up the @N Twitter handle after the hacker intimated that he would compromise data and websites owned by Mr Hiroshima.

"I remembered what had happened to @mat [Mat Honan's digital presence was erased in an hour after attacks by hackers] and concluded that giving up the account right away would be the only way to avoid an irreversible disaster," he wrote.

"I changed my username @N to @N_is_stolen for the first time since I registered it in early 2007."

The hacker took control of the @N username and Mr Hiroshima had his access to his GoDaddy account returned.

"With my GoDaddy account restored, I was able to regain access to my email as well. I changed the email address I use at several web services."

Mr Hiroshima said his advice to stop this happening to others is to not let companies store your credit card information and for companies to stop using it as a method of verification.

In response to why Twitter had not restored Mr Hiroshima's access to the @N account a spokesperson said:

"While we don't comment on individual accounts, we are investigating the report."

In the latest development Mr Hiroshima tweeted from his new Twitter account that it seemed the hacker had deleted his old account.

"It seems the guy who stole @N from me just deleted the account. It's available but unavailable to take."

More on This Story

Related Stories

More Technology stories

RSS

Features & Analysis

BBC Future

(Nasa)

Christmas 12 billion miles away

Twelve spacecraft spending the holiday far from home Read more...

Programmes

  • An ECG (electrocardiogram)Click Watch

    The wearable technology which could allow you to pay for goods with your heartbeat

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.