What's it like to be hacked? James Fallows over at the Atlantic Monthly tells us his experience. One night his wife left her computer on when she went to bed. The next morning she discovers her Gmail account is inaccessible! She couldn't log in because a hacker had swiped her account and altered her password.
Fallows figures, no problem, just follow Google's simple procedures to re-establish control of his wife's account. But when she is finally able to log into her Gmail, she finds her six years of correspondence -- 4 gigabyte of data -- gone.
Fallows is a professional writer, not a computer expert, but he knows enough about computers to keep his cool. With millions of Gmail users, obviously there has to be an easy way for Google to retrieve his wife's email from backup. Right?
Fallows sends in Google's standard data recovery request form. He then finds that email has been recovered only back to the beginning of the year. The previous six years of email? Missing. Gone. Nada.
Here's where the story gets interesting (read: frightening). The email Google sends to Fallows tells him that recovering any more of the email is not possible. Plus, there's this happy summary in the form-letter email he receives from The Google Team: "We unfortunately will not be able to respond to any further emails on this case."
Compared to the rest of us, Fallows is a lucky guy. He's a famous writer, so he has the pull to contact people on the inside at Google.
As he does he discovers quite a difference in perspective between The Google Team and its millions of users. "What a surprise, that people would want to recover from catastrophe! But from Google’s engineering perspective, the deleted-mail problem, while dire for those confronting it, affected only a tiny fraction of their users, and also was more complicated to solve than some other mainstream usability issues."
For Fallows, the result was that "...our attitude toward Google got much worse before it got better." He did, by the way, get all his wife's emails back, but only after pulling strings unavailable to we the unwashed masses.
The article concludes by telling what you can do to harden your own accounts from hacking:
- Use very tough gibberish passwords
- Use different passwords for different accounts
- Change passwords frequently
What Fallows learned the hard way is that the online services we assume will protect us look for us to protect ourselves.