Hunting for Short Twitter Handles ⇥ d.pr

Josh Bryant (@jb nearly everywhere) was also subject to a similar attack:

The scary thing was that I only thought of the true implications of this attack days later. As I was contemplating what had happened and how I could prevent it in the future, a very frightening thought occurred to me. This attacker started with Amazon because he knew that an commerce shopping site’s customer support would be relatively easy to convince and gain access. However, that same site offers cloud services that many startups (including mine) rely on to host their data. Droplr, the startup that I am a founder of, is completely based on Amazon’s stack, from using EC2 servers where we host all of our technology to S3 which we use for file storage. This attacker had access to all of it. I was extremely lucky that in his rush to gain access to @jb, he didn’t think to check if my account had anything under AWS.