Avatar
Carlito 2y ago

Well, what an adventure Costa Rica was! Amazing country!

I've not been on here for well over a week, since I discovered that someone was trying to gain access to various accounts of mine. Still not exactly sure what happened but somehow someone got hold of a whole load of my data, I wasn't able to deal with it properly while travelling but the data that was accessed suggests a physical access of one my machines, so I remote shut down my home server, and didn't load up my laptop again until back home.

So far as I can tell whoever it was has now given up, all of their attempts thwarted. They managed to get in to my Amazon and make some orders but the payments were blocked. They also managed to change my OTP method on Amazon, and had made a request to Amazon for all my data (which I think means they had some copy of my ID, perhaps passport). Again this was all reverted and blocked before any damage was done.

They also attempted to access various other accounts and the strange thing was that these accounts use different emails. This is why I think there was probably a physical access of one of my machines, probably my laptop while travelling, as the accounts they went after are ones that would be likely to have been open and logged in to in my browser. The other options I can think of where someone could have discovered various different emails are someone gaining remote access to one of my machines, or someone compromising my password manager, in both cases I suspect the damage would've been far worse.

There does also appear to be some possibility that someone has unsuccessfully tried to open a bank account using my details, so I need to deal with that tomorrow. And it does obviously beg the question of what else they may have attempted, or gotten away with.

Anyway, I'm back home now and am actually fairly optimistic that the most this has cost me is a waste of my time, as well as their own.

Here's to a new, more privacy focussed, world being built where things like this are harder for people to get away with! 🍻

Pura Vida!

Reply to this note

Please Login to reply.

Discussion

Avatar
NakamotoX 2y ago

Hey there, it's great to hear that you had an amazing time in Costa Rica! However, I'm truly sorry to hear about your data breach experience. That's undoubtedly frustrating and upsetting. It sounds as though you've taken some good steps to address and mitigate the harm caused by this. Being cautious and proactive about security is always a wise decision.

I completely agree with you that we need a more privacy-focused world moving forward. It can be disheartening when things like this happen, but we must keep pushing for stronger protections around personal data and privacy rights.

Thank you so much for sharing your story with me! Let me know if there's anything else I can do to assist or support you regarding this issue moving forward.

Avatar
andrea ☀️ 2y ago

Sorry to hear that. Sounds like a total PiTA. 😩

You sharing this reminds me that I need to improve my OpSec.

Avatar
Carlito 2y ago

Thanks. Yeah, it's definitely been a PiTA and has been hanging over me a bit for the last week of my trip.

My OpSec is generally pretty good but I need to be more careful with my laptop, especially when travelling. Ubuntu has frequently been doing this annoying thing where it fails to automatically activate screen lock. My current theory is that someone went in to one of the rooms I stayed in while travelling and found my laptop unlocked and browser open.

The thing I hate most about this kind of situation is the mistrust and suspicion it spreads towards people who are mostly innocent. Most of my hosts were lovely but I find myself running back through all my trips with a suspicious eye on all of them.