This is one of those stories that fills you with dread because we know it could happen to any of us: It's the story of how Naoki Hiroshima, who used to own the very valuable Twitter handle @N worth an estimated $50,000, lost it because PayPal, GoDaddy, and Twitter really don't care that much about their customers.
The short version of the story goes like this: An unidentified hacker did a little social engineering and claims he/she got PayPal to divulge the last four digits of Hiroshima's credit card (PayPal denies this). That allowed the hacker to persuade GoDaddy's telephone tech support to send the confirmation request to change the email address for Hiroshima's account to another email address (GoDaddy admits this). That, in turn, allowed the hacker to completely lock Hiroshima out of his GoDaddy and Facebook accounts and thereby blackmail Hiroshima into giving up his very valuable single-letter Twitter account.
The irony is that in the period between Hiroshima giving up his Twitter account and the hacker taking possession, someone else - the currently mysterious "Badal_NEWS" - snagged it!
According to Hiroshima's account of the saga, none of the companies involved in the compromising of his accounts were overly interested in helping him sort out the mess, instead relying on bureaucratic procedures that apparently favor hackers over users.
You might think that, given the amount of coverage this case is getting, Twitter would step in and sort things out but ... you guessed it ... you'd be wrong, as Twitter has, so far, avoided commenting or doing anything concrete. This doesn't surprise me, as I've tried since December, and to no avail, to get a response as to why my dog's Twitter account was suspended, and I've heard similar stories about other Twitter users.
PayPal will probably escape any major fallout from this mess (unless Hiroshima can figure out how to take them to court ... how he'll prove what they did, the gods alone know), but GoDaddy deserves as much opprobrium as can be heaped upon them. As for Twitter, they are carving a path that leads to much reduced user confidence over the long term and, ultimately, to irrelevancy.
Once again, it appears that the attitude of many online service providers when faced with user problems amounts to "leave us alone, we're doing our best" when their best is, demonstrably, nowhere near good enough.
Is it time for much stricter regulations on how service providers manage and use personal account information?