The Business Blog Authority
 

My Gmail was hacked last week

by Brian Brown (follow me on Twitter): July 19, 2006

gmailImagine moving across country, unpacking a tractor trailer truck for three days, sitting down on Monday morning to finally go through a week's worth of email, and you can't log in.

I wondered if I had forgotten my password over the week, so I tried several. It didn't take long before Gmail started requiring me to confirm my log in attempts by typing the letters they showed on the screen. No luck. I tried to have my password emailed to my secondary address, but I never received anything from Google.

Very late on Monday afternoon, after trying password after password, checking and rechecking my other email addresses (I have like 10 email addresses), I finally tried to log in to one of the websites I administer. Using my FTP program, I tried logging on, but the program said the password was incorrect.

Uh oh.

My websites all looked fine, but I knew it was trouble when I couldn't log into either my email or my websites. I got on the horn to my webhost (Psek) to see if they could tell me why I couldn't log in. That's when I found out all hell had broken loose.

Someone had searched my Gmail and found the passwords to a few of my sites and had replaced the content of the sites with a "You've been hacked" page. I never knew this had happened because one of my clients had alerted Psek of the problem and Psek had already recovered all my sites and changed the passwords. After getting my new passwords, I was able to access my websites again, but I still couldn't get into Gmail which contained over 7,000 emails...a ton of information that was pretty vital to me.

I sent a few emails to Gmail's support, but since I didn't have the original email that invited me to join Gmail, my hopes were grim. After reading a few forum posts about other people who had their Gmail hacked, I was not hopeful I was going to ever see my account again. Most frustrating was not being able to speak to a person at Google, and my emails to support were not even acknowledged with an auto-reply that others had reported receiving.

A couple of days later I pulled out my old computer and fired up my email looking for the original invitation email to join Gmail. To my complete shock, I found it from over two years ago and I was able to send another email to Gmail support with more complete information.

The next day, after searching for solutions, coming up empty, and still not hearing anything from Google, I called Vermont's Attorney General's office. I live in Wisconsin now, but I've found Vermont's office to be helpful in the past and technically, the first evidence the email was hacked was while I was in Vermont. They couldn't give me any help with putting me in touch with someone from Google, but they did refer me to a website where I could submit a form pertaining to identity theft. The site was the IC3, a partnership between the FBI and the National White Collar Crime Center.

I submitted the form from the IC3 around 10 am, and at 2:03 in the afternoon, my Gmail restored my account and returned my access to all my emails. I have no idea if the updated email to support, or the IC3 form had anything to do with Gmail suddenly responding, but they probably didn't hurt. Here's the timeline:

  • July 4, afternoon Last time I checked my Gmail before the big move to Wisconsin.
  • July 4 My Gmail account was hijacked.
  • July 4 At least two of the websites I administer had the home page replaced with a "You've been hacked" page.
  • July 5 All websites back to normal.
  • July 10 I checked my Gmail and was unable to log on to my account. I was also unable to access several websites I administer. My webhost provided me with the updated passwords later in the day. At least two emails were sent to Gmail support.
  • July 12 I located the original Gmail invitation email on my old computer and sent Gmail support updated information.
  • July 13 I called the Vermont Attorney General and they suggested filling out a form at IC3. I filled out the form and about 4 hours later, Gmail support sent me their first email regarding the hijacking. This email gave me my account back.

I hope this helps anyone else that runs into this problem as I didn't find very many sites where people have run into this. It appears that the hacker stole my Gmail password somehow. I have no idea who it was, or how they did it, but it could have been as unsophisticated as standing over my shoulder and watching me type it (though I doubt it). To say the least, my passwords are much more complex now and I have a printed copy of my original Gmail invite for my files. Hopefully this has not happened to you, and if so, you have my sympathy and support to get your email back.

Tags: , , , , , , , , , , , , , , , ,

Follow me on Twitter by clicking here.


Comments

That sucks! Why you contacted anyone in Vermont is beyond me. Email? What's that? At least Google got back to you somewhat quickly.

What a crazy story. And even though you're back into your Gmail account, you've got a ton of sifting to do now, what with all those thousands of emails piled up awaiting you. Here's rootin' for ya.

Hey my gmail just got hacked this past weekend, how long did it take for gmail to send you a response to retake your gmail?

this guy made purchases with my credit card, i've had to get a lot of things shut down in the past few days and it's been a real pain in the butt.

You totally have my sympathy. It's a scary and frustrating situation.

Looking at the timeline I wrote above, it looks like it took Google 3 days to respond, although if you have your original gmail invite, it might be a quicker response because they responded the day after I provided them with mine.

I highly suggest using the link to the IC3 form I provided above. It might be my imagination, but this also seemed to push Google in the right direction.

Good luck.

I hacked into a friend's gmail for fun. it twas so easy

Roger.Lee@uth.tmc.edu

hi
i lost my passwords in gmail which contain plenty of important letters. if u can help, pls do it for me.
theingi

I'm not sure what I can do. I would suggest contacting the IC3 and the other advice I mentioned in this post.

There is a similar article that has been just posted at:
http://blogoscoped.com/archive/2007-11-22-n35.html

and here are all the reader comments:
http://blogoscoped.com/forum/116008.html

The comments to this entry are closed.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341cf73f53ef00d8342bb47053ef

Listed below are links to weblogs that reference My Gmail was hacked last week:

» Gmail account hacked from Unofficial Google Wiki
Brian Brown has a painful account of his Gmail account being hacked. It wasn't until Brian forwarded his original Gmail invitation email to Gmail's support and filled out an IC3 form that Gmail finally contacted him about getting his account back. So... [Read More]

« Previous Post | Main | Next Post »

  •  

    Subscribe to RSS

    Read Small Business Blogging
    and Marketing Articles
    from Pajama Market in your
    RSS Reader

     

Archives