GoDaddy falls for hacker's social engineering

[WelltodoInformalCattle]

Slightly old in internet terms but thought you all would find this interesting: http://techcrunch.com/2014/01/29/godaddy-admits-hackers-social-engineering-led-it-to-divulge-info-in-n-twitter-account-hack/

An update in the @N account hacking case has just come through from GoDaddy, one of the companies involved in the somewhat convoluted social engineering case.  The company admits that one of its employees was ‘socially engineered’ into giving out additional information which allowed a hacker to gain access to Naoki Hiroshima’s GoDaddy account.

The hack, which we detailed in a post earlier today, was performed by calling up PayPal and GoDaddy to gain access to Hiroshima’s personal email, which was then used to extort the @N Twitter user handle from him.

 

[Kakashi]

Read this earlier today. Paypal and GoDaddy failed hard, and it's pretty shocking that through no fault of his own his details were revealed. Hope Twitter make the sensible choice and return the account. 

 

[BuyCPanel-Kevin]

I want to blame paypal more for the issue (title?) they did give out the last four digits of his credit card number

 

[mikho]

One could arguee that if paypal hadn't given the last digits, it would be "impossible" go get the rest from Godaddy. Put the "impossible" inside quotes since one can never be 100% certain.