1/8 On Jan 31st, one of our employees said they couldn’t log in to our Snopes X account. I checked our site email and noticed that a minute earlier, we received an email from X saying someone new logged into our Snopes account. I didn’t recognize the location and then I saw another email that came directly after saying “X two-factor authentication is good to go”.
2/8 I immediately reset the password with the “forgot password” link but we were still locked out as I couldn’t login without the two-factor authenticator. Thankfully no one ever posted as Snopes so I’m guessing that resetting the password also kicked out the hacker as they didn’t get a chance to change the email and phone number.
3/8 I reached out to X help support many times over the last 6 weeks with no response. I tried the form saying we were hacked and the form saying we were having trouble with our two-factor authentication. No help.
4/8 I tried paying for the $1,000/month X Verified Org plan (even though Snopes already had this for free) to get Priority Support. After submitting payment I clicked “Contact us” and there was a special email to contact. Finally, a way to talk to someone at X! Nope. I received an auto responder a couple minutes later saying “This email address has ben deprecated” (with the “been” typo). It then directed me back to the help center I’ve been trying to get help from for 6 weeks.
5/8 I tried adding dozens of people on LinkedIn that say they work at X. Four of them accepted the invite and zero of them responded when I asked for help of who I can talk to at the company. I then tried signing up for linkedIn Premium to send more messages to X’ employees but again no responses from anyone.
7/8 Finally, I went back to Grok and asked if there were any other well known employees at X. Of course, it listed Elon and Linda, but they both have PM’s disabled. And then it listed John Stoll, X’s new head of news. I thought, of anyone, the head of news would be the most likely to help us, so this felt promising. I sent him a PM on X from my personal account and in less than 2 minutes he responded and said he would take care of it.
8/8 90 minutes later he gave us confirmation from support saying our account was hacked and they are resetting it for us. A few minutes later we had our Snopes account back!
In summary, always use two-factor authentication. We left it off because we had multiple employees logging into the account, but clearly it’s not worth the risk.
X has the worst customer support I’ve ever seen, even if you pay $1,000/month you can’t email them.
Grok did help save the day by pointing us to John Stoll.
> In summary, always use two-factor authentication.
2FA is a double-edged sword: you have to reveal a phone number in order to use it, and if the location where that number is stored is ever compromised - AND IT WILL BE - you've now had your phone number as well as everything else they knew of your identity stolen. And that phone number is golden for social engineering especially.
It's for this reason, as well as the general irritation of it, that I never ever use 2FA. That would be TRIPLY true for a service like X that is a Known Bad Actor with Evil Nazi ownership that is just as likely to abuse any information you give it as any garden variety criminal that might acquire it. Oh, wait....
You barely post here, your last post was at 20/02 and then you came here and write a full thread to told us how you were mistreated, ignored and cheated by that corporate social web (because pay 1K for a non existent customer service is that: a scam)...
Please, come here and build a community or just don't tell us about there because you still decide to stay there... 🙄
Snopes
Als Antwort auf Snopes • • •From Snopes CEO
1/8
On Jan 31st, one of our employees said they couldn’t log in to our Snopes X account. I checked our site email and noticed that a minute earlier, we received an email from X saying someone new logged into our Snopes account. I didn’t recognize the location and then I saw another email that came directly after saying “X two-factor authentication is good to go”.
That’s when panic set in.
Snopes
Als Antwort auf Snopes • • •I immediately reset the password with the “forgot password” link but we were still locked out as I couldn’t login without the two-factor authenticator. Thankfully no one ever posted as Snopes so I’m guessing that resetting the password also kicked out the hacker as they didn’t get a chance to change the email and phone number.
Snopes
Als Antwort auf Snopes • • •I reached out to X help support many times over the last 6 weeks with no response. I tried the form saying we were hacked and the form saying we were having trouble with our two-factor authentication. No help.
Snopes
Als Antwort auf Snopes • • •I tried paying for the $1,000/month X Verified Org plan (even though Snopes already had this for free) to get Priority Support. After submitting payment I clicked “Contact us” and there was a special email to contact. Finally, a way to talk to someone at X! Nope. I received an auto responder a couple minutes later saying “This email address has ben deprecated” (with the “been” typo). It then directed me back to the help center I’ve been trying to get help from for 6 weeks.
Snopes
Als Antwort auf Snopes • • •I tried adding dozens of people on LinkedIn that say they work at X. Four of them accepted the invite and zero of them responded when I asked for help of who I can talk to at the company. I then tried signing up for linkedIn Premium to send more messages to X’ employees but again no responses from anyone.
Snopes
Als Antwort auf Snopes • • •I asked Grok what we should do but we already tried all of the suggestions.
Snopes
Als Antwort auf Snopes • • •Finally, I went back to Grok and asked if there were any other well known employees at X. Of course, it listed Elon and Linda, but they both have PM’s disabled. And then it listed John Stoll, X’s new head of news. I thought, of anyone, the head of news would be the most likely to help us, so this felt promising. I sent him a PM on X from my personal account and in less than 2 minutes he responded and said he would take care of it.
Snopes
Als Antwort auf Snopes • • •8/8
90 minutes later he gave us confirmation from support saying our account was hacked and they are resetting it for us. A few minutes later we had our Snopes account back!
In summary, always use two-factor authentication. We left it off because we had multiple employees logging into the account, but clearly it’s not worth the risk.
X has the worst customer support I’ve ever seen, even if you pay $1,000/month you can’t email them.
Grok did help save the day by pointing us to John Stoll.
VulcanTourist
Als Antwort auf Snopes • • •> In summary, always use two-factor authentication.
2FA is a double-edged sword: you have to reveal a phone number in order to use it, and if the location where that number is stored is ever compromised - AND IT WILL BE - you've now had your phone number as well as everything else they knew of your identity stolen. And that phone number is golden for social engineering especially.
It's for this reason, as well as the general irritation of it, that I never ever use 2FA. That would be TRIPLY true for a service like X that is a Known Bad Actor with Evil Nazi ownership that is just as likely to abuse any information you give it as any garden variety criminal that might acquire it. Oh, wait....
leckse
Als Antwort auf VulcanTourist • • •Riquiñez
Als Antwort auf Snopes • • •In summary: why are you there? 😳😅
You barely post here, your last post was at 20/02 and then you came here and write a full thread to told us how you were mistreated, ignored and cheated by that corporate social web (because pay 1K for a non existent customer service is that: a scam)...
Please, come here and build a community or just don't tell us about there because you still decide to stay there... 🙄
jandi
Als Antwort auf Riquiñez • • •@andrewblasco Fact check: Would they walk over broken glass for those sweet sweet nazi eyeballs?
TRUE ✅