Scary thought seen at blogoscoped in an article by Philipp Lenssen's. He raises a point that I have not fully explored. With our increasing use of and dependence on "elsewhere" hosted services such as Google and Windows Live, what would you do if your account was hacked?
Another factor that in my mind increases the risk, is that with more and more services available via a single sign on, if your account is compromised you could have a great deal of vulnerability across a very large surface in a very short period of time.
Take Google for instance. If my account was compromised the attacker would have access to my:
- Email, and Archives (GMail)
- Contacts (GMail)
- Notes (GMail)
- Appointments and Schedule (GMail)
- Documents (Google Docs)
- Photo Albums (Flickr and Picasa)
- Blogs and Blogs I have access to. (Blogger)
- AdSense Account
Now I operate by the rule that anything I store on someone else's server is accessible to the world anyway. For that reason I don't store any family or professional secrets, medical info etc online, however even my day to day info would be a goldmine for a potential identity thief. Or to a competitor.
But increasingly more and more information is being hosted behind fewer and fewer federated logins. Which means you can have large areas of your online life compromised by losing a single password.
Not to mention the potential damage that could be done just by having access to your account, such as sending emails that actually DO come from you (just not actually authored by you), to everyone in your contact list.
It does not take long to think of nightmare scenario's. So as Philipp asked "What would you do" if this happened to you? Do you have all that data and email backed up somewhere? Even if Google or Microsoft restores your access to your account, some or all of your data may be gone.
Has anyone had something like this happen to them? If so what did you do to regain access and did you lose anything irreplaceable?
Something to think about!
Cheers,
Robert Porter