I say may have because I'm not quite sure how much damage was done. I'm still cleaning up. Also I'm not sure what these a-holes wanted.
It all started on a Sunday afternoon. I was sitting at home getting ready to head over to a cookout with my family. I noticed that my cell phone had two "!" icons. I clicked on them and noticed that I was no longer syncing with gmail or Facebook. So I tried logging in again on my phone. . . No luck. WTF?!?
I then tried logging in to gmail on my laptop, still no luck. Well, I knew my password was correct, so I tried resetting my password, and was able to log in instantly. Once I logged in, there was a bright red bar at the top of the gmail layout stating that my account had been logged into from a questionable IP. I'm not sure of the algorithm that google uses to detect this, or even if they have a list, but sure enough, the IP was registered in Italy; and unless there had been a shift in the time-space continuum, I was not in Italy.
I then checked my gmail settings to ensure there were no forwarding rules set up, or any other settings out of the ordinary. Good-to-go.
Next, let's concentrate on what the hell happened to my Facebook account. Tried accessing it using what I thought was my "strong" (not a dictionary word, use different charcter sets, etc...) password, which is different from my gmail password. Sure enough, it had been changed. So I reset that password as well, and also ensured there were no odd email addresses associated with my account (Account Settings -> Email, Account Settings -> Security). Good-to-go.
So how did they hack my gmail account? I have a "strong" (not a dictionary word, use different character sets, etc...) password, so I'm not really sure. There was a breach of thousands of email addresses a few weeks back, but if I remember correctly, only a small percentage of them were gmail accounts. So maybe it was brute-forced. I'm not sure if gmail has an account lockout feature -- never needed to try or look into it. Either way, my accounts had been hacked. DAMMIT!
I checked my spam folder in gmail. . . nothing. Checked the deleted items folder. Hmmm. . . There were two deleted messages about a facebook account password reset. I don't remember doing that. WTF?!? Those sneaky bastards had hacked my gmail, changed the password, then sent a Facebook password reset to my gmail account. Since they now had my gmail password, they were able to reset my Facebook account with the link that was happily provided by Facebook, then delete those messages. Luckily, google never really deletes anything.
From the hacking of accounts to me getting "notified" by errors on my cell phone took about 10 minutes, and another 10 minutes for me to figure out what the hell happened and fix it.
All I know for sure is that they had access to my gmail address book and my facebook friends list for about 15-20 minutes. I have not heard from anyone getting spammed by me, and I haven't received any notifications about other account password resets, so for now I think I'm okay.
But what if I didn't have a smart phone that linked to gmail and Facebook? how long would it have taken me to find out my accounts had been hacked? Hours? Days if I was away from a computer or on vacation? My smart phone addiction paid off for once.
Lesson Learned? Change passwords often, make them long and full of different characters. Don't use dictionary words. And don't ever, ever, ever, use the same password for all of your online accounts. Oh, and keep the smart phone data plan!
