Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

What It’s Like to Experience Email Account Hijacking

In the November issue of The Atlantic, James Fallows shares the story of how his wife’s Gmail account was hijacked and what they went through to recover years of stored messages. It’s a compelling tale that will hopefully bring home the need for secure passwords and offline backups of cloud-based data.favicon follow link


Comments about What It’s Like to Experience Email Account Hijacking
(Comments are closed.)

Joachim  2012-01-09 10:57
I must admit after learning that the wife seriously used Google Mail as her one and only - no local backup - email storage and archive solution (4GB of data !!!), I mainly laughed about the incident.
Nice to hear that Google is helping you (at least if you know some important guys directly) and of course all the conclusions are correct and valid.
But even with the best password etc. startegy I would ALWAYS have a local mailclient download all the mail & data and then have a local backup strategy that includes all thhat data.
I'm surprised how naive and blind people must be to keep this magnitude of data (especially otherwise unrecoverable documents and images !) without backing it up locally.
Also I'm speechless what people expect from a free email service in terms of covering their axx in case of trouble caused by the above mentioned behavior.
just my 2 cents Jo
Adam Engst  An apple icon for a TidBITS Staffer 2012-01-09 11:55
Yeah, it sounds like James himself did pretty decent backups, but apparently he didn't insist on his wife doing the same. You never know how tech-related advice will go over in a marriage. ;)
Tommy Friedmann  2012-01-09 17:19
Pretty horrible.

I use apple mail. In how many places do I have to change my Apple ID password?
Andres Saldana  An apple icon for a TidBITS Angel 2012-01-14 14:04
Coming up with secure passwords is a subject that I'm sure everyone has thought about long and hard. I can't agree with the author's conclusion that you need a different password for every account that matters. I do think its better to use combinations of numbers and letters that have no connection to a dictionary and are easy to remember for personal reasons. I recommend you search in your past for the key elements, and build a complex password that reads like gibberish. This is more important than having 10 different passwords.
Tommy Friedmann  2012-01-15 13:52
So, how do we protect ourselves in case our Apple ID is hacked and out contacts and calendars on iCloud are erased? Does that mean that they will sync empty fields to our Mac and iOS devices? Is a Time machine and/or Clone sufficient?
Adam Engst  An apple icon for a TidBITS Staffer 2012-01-15 15:03
That's a potential problem, as I understand iCloud, since as soon as the content disappears on iCloud, it might disappear on your devices as well.

The solution, I believe, would be the approach that Rich Mogull went through when he accidentally erased his own iCloud information.