I met this client on Craigslist in NYC, she’s a Yale educated Attorney who no longer practices law. She owns multiple rental properties, several other companies and a Theatre Production and a Music Production company. She hired me for accounting help. I was using her wifi in her penthouse to log onto the internet. On the second day, while I was in her penthouse my laptop crash, it’s less than a year old and it had never done that before. She acted innocent about it, asking me if it had ever done that before. Well fast forward a few days, and things didn’t work out. She changed her mind after the first week on the type of work and I wanted to raise the rate we disagreed and I resigned.
That laptop crash was not the end of it, as it turns out she hacked my laptop and my cellphone and she sent my data off to some other people via email. They have verified it to me.
About 4 weeks after I quit working for her I noticed my cellphone data usage was high and I began to investigate. I tried to factory restore my iPhone and it wouldn’t let me because my iTunes passwords had been changed. When I went to reset iTunes I noticed the underlying Gmail account password had been changed, Gmail indicated the IP address for the most recent change was my home IP address, this is what led me to confirm my laptop was hacked. As I tried to change logins on personal information (banking, websites, etc.) I literally saw someone deleting the new login info as I was trying to change my login info. I then disconnected the laptop from the internet and tried to move my data off the laptop in an effort to get my data off and format and restore the laptop, I guess they sabotaged it before I could take it offline in time. Later GeekSquad would tell me the hard drive failed. I lost data. I lost client data. And a lot personal data. I was using one laptop for personal/business as money was tight.
So about two weeks after the laptop blew up, I borrowed enough money to purchase a new laptop. I think when she hacked my laptop in her apartment she installed something and when I brought the laptop behind my router at my home it opened up a port on the router. I should have checked my router before setting up the new laptop but I didn’t. During setup and usage of the new laptop I noticed 1) sometimes my Norton 360 Premier would disable 2) browser errors and it would ask to close and reopen 3) MS Office errors and crashes 4) various errors with other programs such as Adobe Acrobat, Firefox, etc.
I typed up police report about 2 weeks after that night discovering the hack, the same night it blew up. That is, roughly 6 weeks after my laptop crashed in her apartment. I booted up the new laptop about a week after I typed up the police report(week 7) on my new laptop and I noticed several Linksys configuration browser tabs opening and closing rapidly. I think maybe they were trying to hide their tracks in anticipation to law enforcement. I’ve installed an older temporary router while waiting for the Linksys replacement; I have been formatting and restoring my new laptop every week. I’m doing that in between router changes/modifications.
I have a total of 3 working laptops now, the two older ones(the blown up and repaired and an even older one) I have formatted and restored but they have never been hooked up to the internet. I want to make sure I setup the new replacement router properly before I do.
Lessons I’ve learned from this experience:
- Never sign onto a client’s wifi, bring your own wifi, unless you trust them and that’s rare now a days.
- Have 2 laptops, one for work/business, and one for personal use/personal data.
- Never carry personal data on your work lap.
- Never keep your website/banking/personal etc. login information on your iPhone or your laptop.
- Don’t give out your smartphone cellphone number, use a disposable tracphone or whatever as your frontline/published number. Let them hack that one. Only give your smartphone number out to people your trust.
- People are not nice.
- Only put out there what you’re willing to risk to lose.
- Feel free to make suggested additions to this list in your comments.
So my questions to you techies is this:
- How do I secure my laptop from hackers in the future?
- How do I secure my home wifi network?
- How do I re-setup a new router with maximum security? Linksys tech support told me the old one was corrupted when I tried to reflash the firmware on it. I’ve since got a replacement from Linksys for the failure of the old one.
- How do I ensure there are no more remnants of malicious software left in my data I’ve transferred to a hard drive? I’m using just one external hard drive for now(the one I transferred the recovered data onto). I’m keeping it and my new laptop the only thing I’m using now.