The curious tale of the hacker who extorted the valuable single-letter @N Twitter name from its owner has grown curiouser. The parties involved disagree on what happened — and in the midst of this mess, some third party took advantage of the confusion and snapped up the @N handle.
Naoki Hiroshima, an app developer and original owner of the rare single-letter Twitter name, detailed his story on Wednesday on Medium — a blogging platform, by the way, created by Twitter co-founder Ev Williams.
In a tale of high-stakes Internet ransom, an attacker held both Hiroshima’s PayPal and GoDaddy accounts hostage until Hiroshima agreed to give up the unique @N Twitter name. The story, reminiscent of the customer service-related digital attack on "Wired" reporter Mat Honan, received a lot of attention: another sobering reminder that some “hacks” are carried out with a mere phone call.
According to Hiroshima, the hacker told him directly that he or she first talked a PayPal employee to give up the last four digits of Hiroshima’s credit card — then used that information to call GoDaddy, where a customer service rep then let the hacker guess two other digits on the card.
But there’s a big hole in this story. None of the companies involved agree on what happened. Meanwhile someone else — not Hiroshima or the hacker — has apparently scooped up the @N name. (Handles with few characters are considered valuable to marketers.)
After Hiroshima's story appeared, PayPal issued a categorical denial that it gave out any information related to Hiroshima’s account. Domain registrar GoDaddy insisted the hacker already had lots of details needed before he or she called the company, although it admitted one of its reps did provide more information to the attacker.
Meanwhile, Twitter said only that the company was "investigating the report," and the purloined @N account disappeared briefly from the site late Wednesday. Despite sharing his story on a platform created by a Twitter co-founder, Hiroshima isn't getting a short cut to justice. Now tweeting under the name @N_is_stolen, Hiroshima posted a message that Twitter still wouldn’t let him take over the account.
About five hours later, the @N account boasted a new name from someone who apparently took over: “Follow Badal_NEWS.” (The @Badal_News account is locked, though its publicly available bio asks followers to text a number.)
Hiroshima tweeted incredulously:
He also shared with another Twitter user what the company apparently told him:
Twitter did not immediately reply to requests for comment Thursday on Hiroshima’s statements.
As for the other two companies involved, PayPal said in its blog post that it had offered Hiroshima assistance, but again, denied that its customer service team gave out ant credit card details, personal information or financial information related to Hiroshima's account. PayPal said its records show there was a failed attempt to get into his account, but the company said he was not in fact compromised at all.
In its own statement, GoDaddy admitted "the hacker socially engineered an employee to provide the remaining information needed to access the customer account."
But GoDaddy insisted that "our review of the situation reveals that the hacker was already in possession of a large portion of the customer information needed to access the account at the time he contacted GoDaddy" — which, according to the hacker, was four credit card digits provided by PayPal. Again, PayPal fully denied giving out any information.
Still, GoDaddy said it would make “necessary changes to employee training” to try to avoid a similar situation in the future.
Julianne Pepitone is a senior technology writer for NBC News Digital. Previously she was a staff writer at CNNMoney, where she covered large tech companies including Apple and Google, as well as the intersection of tech and media. Follow Julianne on Twitter at @julpepitone or email her at firstname.lastname@example.org.