© 2026 Arizent. All rights reserved.
Market Intelligence:
AI
Payments
All Research
Industry Data
Analytics

PayPal Responds to @N's Reported Credential Theft

By John Adams
About John
johnhadams
john.adams@arizent.com
john-adams-83444310
Published January 29, 2014, 6:11 p.m. EST
|
Updated May 21, 2014, 8:28 a.m. EDT
1 Min Read

PayPal says it did not divulge credit card information from a customer who contends PayPal exploited in a scheme to force him to give up his Twitter handle, "@N."

Processing Content

Naoki Hiroshima, a technology developer and blogger who owned a rare single-letter Twitter handle, says the extortionist gained leverage by compromising his GoDaddy Web hosting account using payment credentials obtained through PayPal.

Reporting his ordeal at Medium.com, Hiroshima says he's been offered as much as $50,000 for the Twitter handle. The person behind the extortion claimed to have used social engineering methods to trick PayPal into divulging part of Hiroshima's card account number, Hiroshima says. With this information, the attacker posed as Hiroshima when contacting GoDaddy to take over his account there.

PayPal says its records contradict this version of events.

"We have carefully reviewed our records and can confirm that there was a failed attempt made to gain this customer's information by contacting PayPal," the eBay unit says in a blog post, adding "PayPal did not divulge any credit card details related to this account," and "this individual's PayPal account was not compromised." The blog post did not list an author, and PayPal would not comment further.

GoDaddy's review of the situation reveals that the hacker was already in possession of a large portion of the customer information needed to access the account at the time he contacted GoDaddy, said Todd Redfoot, chief information security officer at GoDaddy, in an email to PaymentsSource. "The customer then socially engineered an employee to provide the remaining information needed to access the customer account. The customer has since regained full access to his GoDaddy account, and we are working with industry partners to help restore services from other providers. We are making necessary changes to employee training to ensure we continue to provide industry-leading security to our customers."

Hiroshima did not return a request for comment by deadline.


John Adams
Executive Editor, Payments
John Adams is executive editor of payments for American Banker. John interviews top executives in the payments, cryptocurrency and fintech... Read full bio
For reprint and licensing requests for this article, click here.
Analytics Data security
MORE FROM AMERICAN BANKER
Load More