Where Did My Profile Go?
I’ve been hacked once in what I’d imagine is a classic account takeover situation. I feel like a techie just writing that.
I was actually pretty chill about the whole situation…until I wasn’t.
So what happened exactly? No idea. I was relaxing in bed like I usually do all day, and someone sent me a LinkedIn post that I tried to check on my phone. But then I found the app had logged me out. The audacity right?! Whatever. I thought I’d check another time.
Many hours later, I decided to take the time to remember my password and log back into the app. I couldn’t. Like everyone who uses the internet, I have a million passwords so I thought that was it. Now I was getting frustrated about forgetting my password. It wasn’t until I tried the ‘forgot password’ link that I realized the problem wasn’t my password at all – but my email. LinkedIn didn’t recognize the email I’d had for, dare I say, about 10 years. What?!
I didn’t freak out, but I felt like I should.
I truly didn’t though, but I began to feel anxious when it started getting hard to find any email to use to contact LinkedIn for help. Every link I found required me to log in. But I couldn’t cause LinkedIn didn’t recognize my email!
Heart rate up, indignant thoughts about the stupidity of LinkedIn in my head, I had an epiphany. Twitter!
Sure enough, there was a LinkedIn help account on Twitter. Ah – finally, help! So I send a heartfelt message, but still a professional one, you know?
But you can’t stay in an anxious state forever, especially if what you’re anxious about is so specific. So I took a chill pill until three days later, I got a response. Freak out or no, I had sent several follow up messages and even though it’s all resolved now, I still hold this against LinkedIn.
Anyway, they acknowledged my issue and sent me a reassuring mail about looking into it.
Meanwhile, I started to fully wonder (it had occurred to me but I hadn’t wondered yet). How did I get hacked? In my full-time wondering, I remembered my backup email was on yahoo, so I logged on there to investigate since I didn’t see any signs in my main email account. You know? Those signs where you get emails saying that someone in Bangladesh is attempting to log in to your account, meanwhile you’re in Lagos.
And behold! What did I see but almost 10 messages in my yahoo mail alerting me that someone is attempting to log in to my account. I guess they succeeded then.
Finding this didn’t really help my case, but I promptly downloaded the yahoo mail app onto my phone – no way am I not checking my emails anymore. *Cries in regret*
So I waited for LinkedIn to respond to me, and tried not to think of all the work I’d have to do if everything in my account has been deleted.
I waited a month.
On to Twitter again since the email they sent me was a noreply email. Love those!
And they actually helped the second time. I had to send a copy of an official ID to prove that it was my name and email, and seize my account back from a Thompson Burton. I got my account back in two days, to mixed emotions of thankfulness (cause they helped) and resentment (cause it took a month of many follow ups) towards LinkedIn.
When I changed my password and logged in, all the resentment I was feeling flowed over to this Thompson Burton like a stream of molten lava. This guy, or whoever he had bought my account from, or whoever was catfishing him, had deleted most of my details – my many certificates and licenses, details of work projects, publications, education and experience. But they had left my last experience, edited slightly with the position title and location, my last executive education, my recommendations and articles. But now the profile header, latest posts, and experience were of a Bitfinex. Now Thompson Burton was a Frankenstein of some of my qualifications and some of his.
As I started to change the details in the settings and the profile, I got more and more distressed at all the things about my professional life that I couldn’t remember, most notably all the >40 projects I had worked on which I had meticulously filled in LinkedIn each time I finished them, and stupidly never downloaded.
A feeling of hopelessness suddenly descended on me. A slight overreaction perhaps, but there nonetheless. I wallowed in that mood like a pig in mud for a few minutes, but maybe it was too deep to remain. It also occurred to me that that was a tiny dose of what it feels like to be a victim of identity theft. I hadn’t lost any money, just my digital identity, but I still felt violated. Taking comfort in the fact that millions of people have suffered worse from their own identity theft, the feeling of hopelessness dissipated, and I updated my profile as best I could through the night.
Then I went to sleep.
What’s the moral of this story? Don’t ignore your emailed sign-in attempt alerts, don’t trust profiles on LinkedIn, and use Twitter to bug brands to provide help.
Words of advice from an identity theft survivor. I accept your thanks!