Friday, July 8, 2011

Hacked Again!

So yeah. Both my Gmail and Facebook accounts were hacked again. And this time they made sure to permanently delete any email received since the first compromise. After the last time, I obviously changed my password and made sure it was a strong(er) password. I don't think they could have brute-forced it in only 5 days.

That got me thinking about how they got access. There are few devices that I access my Gmail account from, and it's possible that one of those devices is compromised and contains a keylogger. I've used some of these devices since the second attack, and haven't seen a third...yet.

In a fit of paranoia I uninstalled any new apps on my phone, but the more I think about it, the more I think that is not the avenue for the second attack. We shall see. I'm in a "hurry up and wait" state at the moment.

What I think happened is that for the first attack it was brute-forced offline, either from the leak a couple of weeks ago or from the massive Sony attack. But in that first attack, if you remember, they got access to my Facebook friends list. It just happens that my mom is a friend and her maiden name is listed. Well, guess what my Gmail password reset security question was. D'oh!

I've had my Gmail account for many years and was a wee bit of a security newb not so long ago -- not that I know everything, but I have learned quite a bit over the past couple of years. I'm sure that way back when I set this account up I had no idea that someone one day could use information obtained from one web site to compromise my account on another.

This is all still speculation, as I have not rooted my phone yet, so I don't have access to exactly what each app is trying to access, nor do I have access to Gmail log files. It could turn out to be a bad app that I downloaded, and they just haven't attacked me again yet, and that while my cell phone could have saved me from getting my identity stolen, it was also the attack vector. We'll just have to wait and see.

Lesson learned... Don't use any security questions/answers that can be easily obtained online by just about anyone, e.g. birth month, mother's maiden name, pet's/children's names, etc...