CHICO, Calif. - A Chico-based professional hacker got hacked by making a common mistake. Now he has a warning.
“I came across this hack by being a victim of it, surprisingly,” said online security expert William Caput. “I was using a password that I had used on one of these sites years ago.”
Caput gets paid to test companies' online security.
Rewind to the year 2016, when Yahoo was breached. He says someone went in and stole all the emails, phone numbers and personal information associated with 57 million Yahoo users.
“They take those 57 million email addresses and compare them against stolen passwords that were found on other sites like LinkedIn," he said. "If they match up, they'll take the password and put it on the Uber account.”
"And if the password works on an Uber account, they'll sell it," he said. "So those passwords are worth, at the time I was researching it, about $3 a piece.”
Fast forward to now. Caput says he got an unsettling message.
“I got a notification that I was taking a ride on the East Coast, and I was here in Chico,” he said.
Caput says he immediately changed his password.
“Then I got the notification that someone was trying to log into my account again,” Caput said.
Caput only lost $9 because he was able to change his password and lock the thief out. While he got lucky, he says others have been scammed for hundreds of dollars. He suggests using a different password for each website and changing passwords often.
- Chico Professional Hacker's Warning for Uber Users
- Uber users react to new changes
- Hackers Welcomed at the ‘Norcon Security Conference’ in Chico
- Chico State business students propose concepts to local professionals
- Microsoft warns Windows 10 users to update immediately
- Uber Driver Scams Rider
- Health professionals hold National Health Center Week
- Professionals, volunteers provide free health clinic in Chico for those in need
- Uber didn't do enough to warn women about series of rapes by fake Uber drivers in LA, lawsuit alleges