Top Social


Saturday, May 07, 2011
Been a little lazy to blog recently, but thought I'd just update everyone on how I was hacked almost a month ago.

To start off, after looking at all the emails about password resets etc, I realised the hacker began with my Facebook account and changed the password at around 3+pm.

I'm still not sure if it was a spiteful attack or just a pure coincidence, because a day later a friend (not a close one, and she is not a blogger) of mine got hacked by the same person.

It feels like perhaps the hacker got into my FB account, and from there realised I had a blog, a Twitter, a Formspring account etc from my profile and was lucky to be able to gain access to all because I use the same password *embarrassed face*. But come on, I bet most people do, and I'm sure that my password is definitely 50% harder than 90% of all of your passwords!

I don't believe the hacker could have GUESSED my password, much less be able to guess that of a friend the next day. Plus I know a week earlier, another not-close friend got hacked as well. So I think there's some techie shit involved somewhere.


HOWEVER, the hacker did do some very personal actions so it was very strange. A.k.a. tagging a nasty comment on Alaric's photo. I was out with Qiuting at that time having dinner, and that was when I found out I had been hacked (around 8pm) because he called me (and we almost never call each other).

The hacker also answered ONE Formspring question, and a short while later we also realised he/she had viewed this stupid video on my Youtube account (that's the problem of everything being tied to your Gmail account) of a girl with giant fake boobs in a tiny bikini trying to look all sultry on the beach.

So that was why people on Formspring kept asking me about that stupid video -_- and even if I had watched it, I really don't think it's a big deal sheesh.

One of the hacker's emails. All the emails used to replace mine are definitely active because he/she has to go into it to accept the change.

So the hacker cleared the associated emails (my Gmail and Hotmail) and changed my name, so if I searched any of those, Facebook says I don't exist.

HOWEVER, my Facebook account was tied to the NUS network. And to be in the NUS network, you need a valid NUS email from which you log in and certify that you're part of NUS.
So that was the only way I even managed to locate my poor, mangled account.

So this was the email sent to my NUS email, which clearly showed that the password change was made at 3.29pm, much earlier than I had thought. It's a shame I never synched my NUS email to my phone (because they send so much junk about programmes and discounts on printer ink) or I would have known earlier.

Reset email changed in my Twitter account. This was how my friend and I realised we'd been hacked by the same person, because he/she used for my friend too.

More of the hacker's emails. He/she changed my profile name as well as my country/region and birthdate, as these are necessary when trying to reset my password. So when I indicated Singapore, Hotmail would think I'm not the real user (and because Hotmail is a dumbass).


Accounts I got back easily: Gmail/Blogger/Youtube (all linked), Twitter and Formspring.

I finally managed to get my password reset through Customer Support where you "talk" to these Hotmail operators in a forum, so I managed to prove my identity by providing folder names, contact names, subject lines etc.
They took like over a week to finally give me my account back, compared to Gmail who returned it to me within an hour after I filled out a form requesting similar details.

After getting my Hotmail back, the hacker actually tried to get my email reset again but luckily I was in my Hotmail account at that moment, and cancelled the process. And you know why the hacker still can do it? Because I cannot remove his/her emails from the reset password info.

I have been trying to ask Hotmail about it, and checked forums etc and basically it's this - if you have one reset email, it'll take 30 days. If you have more than one reset email (which is why the hacker put 2 emails), it'll take 6 months for them to remove it after you indicate that these are not yours. I mean, WTF HOTMAIL?!

At the same time I also told Customer Support I just wanted to get back into my account to delete it, since they are so lousy at keeping my account safe. But get this - to delete your account, it has to be deactivated first. For it to be deactivated, it has to be unused for a total of 270 days. And in the meantime if I log in to my account to check that the hacker hasn't been messing with it again, that'll start a new 270 days.

So the lesson to all of you is: Hotmail sucks. I am so happy for the day I switched to Gmail (because at that time Hotmail kept crashing), whose interface is also better and has GoogleDocs.

As for Facebook, they are 50x worse than Hotmail. Even after identifying my account and knowing that IT IS STILL THERE (because of the NUS network thing), they never returned my account to me. I followed all the steps, and the website always claims to have sent the reset link to my email, but they never do. I have tried more than 10 different emails, same result. Nothing ever received.

Finally I found another link where you can "describe your problem" and even upload screenshots (where I showed a cached version of my original Facebook account), and I received an email from Facebook that you can actually reply to. Problem is, they don't reply. I sent them more than one email, and searched online to see what other people said - the consensus is that Facebook doesn't give a shit.

*P.S. You guys know they're setting up an office in Singapore right? If I'm not wrong it'll be the first in Asia. If they were open now I'd go down and complain! So frustrating!

I've given up on Facebook's Customer Support and created a new account. I'm so sad about my Farmville account, which I had played on Facebook for more than 2 years )':

I sent Zynga a report as well,
Incident Entry by Zynga Customer Portal Wed Apr 13 14:14:24 GMT 2011

My Facebook account was hacked and Facebook has been extremely inefficient in giving it back to me (they have managed to identify my account and claim to send me an email, but I never receive it).
Is there ANY WAY I can keep my Farmville account??? That's all I care about ):
- - -

They replied promptly, but said there is nothing they can do )': (the English was very strange so I highly suspect Customer Support was outsourced to somewhere haha).

Right now my new Facebook account has 300 friends (after super intensive friend-adding sessions) (I know, very desperate haha). It's quite tough deciding who to add again. Like... do you add people you don't really know now because it's been years and you were just acquaintances then, but you TOTALLY STILL WANNA KPO ABOUT THEIR LIVES?

P.S. Strangers have been adding me. Don't lehhh... make me excited for nothing because I'll be thinking, WOOHOO one more FB friend! Then it turns out to be a stranger... I still don't accept people I don't know, sorry! :/
If you make yourself known to me often enough (like don't comment anonymously please), I'll remember you and eventually maybe you can drop me a message when you add me just to identify that it's you (:
9 comments on "Hacked"
  1. Actually facebook is pretty efficient from my past experience. Was hacked by someone as well, and got back my gmail, facebook, hotmail, yahoo, in less than 6 hours. Never a good thing to use the same password in all accounts.. yet a lot of people still doing it.

  2. bacterium: How is that possible? I had gotten back all my email accounts and could even identify my FB account, yet they didn't return it to me. I mean it was entirely in their hands and I tried both the common Forgot PW/Reset methods as well as the more complex Customer Support. FB didn't contact me about either.

  3. now you have got back your fb account? i hope so. or else they were just having their weekends off. my fb email, mobile, and even profile pic got changed, yet they can help me recover everything back to its original state. that was long time ago though.

  4. Anonymous11:52 PM

    Sorry to hear about your accounts being hacked... Anyway, can you do a vlog with Alaric? Hehe it'll be cute!

  5. Bacterium: Didn't ): I waited like more than 2 weeks and finally gave up and just created a new one! I think maybe now they're just too busy? I dunno.

    Anonymous: Hahaha I'll try to convince him!!!

  6. hotmail is really horrible! i'm so glad that i've been using gmail!
    my bestfriend couldn't access her hotmail a week back and soon after my mum who always emails me reguarly because i'm not in singapore, had to create a gmail account as her hotmail was hacked too. both of them have been unable to get back their account unfortunately.
    hotmail really sucks, but i think these hackers suck even more!

  7. some ppl must be really bored if they're hacking into ppl's acounts like that. glad to hear that you got most of ur accts back.

  8. stanley4:56 AM

    I guess things have changed over the years.. I got hacked on hotmail about 10 years ago and I emailed them.. if I remember correctly, they reset the password for me after just providing my birthdate but all my previous emails were gone :(

    As for Facebook I do feel they are starting to ignore public feedback but nvr had experience with customer support... maybe u can try mailing them again with the problems u faced trying to retrieve ur account

  9. hey sophie just to let you know, i've been hacked before too! and my password is something random (not guessable at all) so to get hacked the hacker (i know it's an individual not a computer system, because he/she actually went to anyhow comment on my friend's or something) must have 1)seen me type my password 2)had some spyware on a public computer i used, and the only possible place for these 2 to happen is in school! im from nus too!! perhaps it's the same person lurking around school!!

    however i was more lucky, as i notified gmail that i was hacked (he hacked my gmail, facebook and msn). and then gmail froze my account and sent recovery information to an alternate account (which luckily was not hacked) by the next day, which means he couldn't access my gmail anymore.

    then the next day he went to fb msg my friend telling me he's giving back my account because he had enough fun, but i think it's more like he know that since i got back my gmail i can get back everything else without him surrendering first thus he tried to be cool and exited the scene first. what a loser!