My IMAP e-mail account just got completely wiped by forces unknown. What could have caused this?
October 27, 2010 3:35 PM

Here is today's timeline... everything took place within thirty minutes:

1. Outlook 2010 was having repeated problems... crashing and unable to sync folders with this particular account over a period of three days.
2. Called webhost/emailhost support to inquire about the problem. Was put on hold for five minutes and then the tech came back and told me that there was no problem.
3. Outlook finally spits out an error message, saying an AVG 2011 Outlook plugin was creating problems and did I want to disable it. I disable this plugin.
4. I log into my email account and everything is working fine. All folder syncing problems have been resolved.
5. Change my outgoing mail port from 25 to 587.
6. Send test message, everything ok.
7. POOF! Every email and every folder has been wiped.
8. Login to webmail, everything is missing.
9. Check other IMAP account with same webhost, all emails and folders are intact. No problems with this account.
10. Contact webhost tech support. Tech sends a test email to the affected account.
11. Email arrives. When trying to delete this test email, Outlook tells me I cannot delete it because "This Message Has Already Been Deleted." Email sits in my inbox in Outlook.
12. Log into webmail, can delete test message from there.
13. Sent items and deleted items folders reappear in Outlook.
14. Webhost denies any knowledge of any problem on their end. Webhost submits ticket to have an admin check all logs and to restore the files as of three days ago (best they can do and better than nothing).
15. Email account is now functioning normally, but it is still empty.

Other important facts:
1. I work in the legal profession and have participated in several cases involving sophisticated fraud rings.
2. In one of these cases, there were allegations of email intrusion by an opposing party.
3. I had a weak password.
4. While a malicious wipe is possible, I don't think it is probable due to the compressed timeframe delineated above.

Anyone have any idea what might have caused this? Or more importantly, does anyone have any idea what I can do to prevent this from happening again? Was the fact that the IMAP server would not let me delete emails from my inbox related to this issue?

I have changed my password to something resembling "@465VF163fgg#$6" as a necessary precaution. If people get nothing else out of this... do ensure you have a strong password. It certainly would have eliminated several possible culprits for my misfortune.

Thank you!
posted by Mr_Crazyhorse to Computers & Internet (5 answers total)
 
I have a pretty strong suspicion that either Outlook got switched to POP (in which case the emails are in your Outlook... somewhere....) or that someone in tech support went to flush your mail queue, but deleted your inbox instead.

It happens. It ain't pretty, but it happens.

As someone who used to do that stuff for a living, I would give the possibility of fraud/malicious behavior a likelihood of approximately .001%. Possibility of tech support botching the job: 84%. Possibility that Outlook just ate your stuff: 15.999%.

Email was never meant to be a secure system, and no data is ever permanent. If you need to keep copies of all your emails, definitely back them up to a reliable format (burn to DVDs, implement a backup drive, print out and put in client files, etc).

But if you contact tech support right quick, they might be able to restore some of your email from their own backup systems. Yell at the first person you talk to, and ask the second person nicely.
posted by ErikaB at 4:13 PM on October 27, 2010
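
The backup advice above, as an added example that is not part of the thread: an append-only local archive of an IMAP folder that opens the folder read-only and never deletes local copies, so a server-side wipe cannot propagate to the backup. `backup_folder`, `FakeIMAP`, `demo`, the folder name and the two messages are constructed for illustration.

```python
import os
import re


def backup_folder(conn, folder, dest_dir):
    """Save messages not archived yet; never delete local copies. Returns count saved."""
    quoted = '"' + folder.replace("\\", "\\\\").replace('"', '\\"') + '"'
    typ, _ = conn.select(quoted, readonly=True)  # EXAMINE: no flag changes, no expunge
    if typ != "OK":
        raise RuntimeError(f"cannot open folder {folder!r}")
    _, data = conn.response("UIDVALIDITY")  # UIDs are only unique per UIDVALIDITY
    validity = data[0].decode() if data and data[0] else "0"
    out = os.path.join(dest_dir, re.sub(r"[^A-Za-z0-9_-]", "_", folder))
    os.makedirs(out, exist_ok=True)
    _, data = conn.uid("SEARCH", None, "ALL")
    saved = 0
    for uid in (data[0] or b"").split():
        path = os.path.join(out, f"{validity}-{uid.decode()}.eml")
        if os.path.exists(path):
            continue  # already archived on an earlier run
        typ, parts = conn.uid("FETCH", uid.decode(), "(BODY.PEEK[])")
        raw = next((p[1] for p in parts if isinstance(p, tuple)), None)
        if typ == "OK" and raw is not None:
            with open(path, "wb") as fh:
                fh.write(raw)
            saved += 1
    return saved


class FakeIMAP:
    """Constructed stand-in for a logged-in imaplib.IMAP4_SSL; runs offline."""
    def __init__(self, messages):
        self.messages = messages  # {uid: raw RFC 822 bytes}
    def select(self, mailbox, readonly=False):
        return "OK", [str(len(self.messages)).encode()]
    def response(self, code):
        return code, [b"1288200000"]  # constructed UIDVALIDITY
    def uid(self, command, *args):
        if command == "SEARCH":
            return "OK", [b" ".join(str(u).encode() for u in sorted(self.messages))]
        return "OK", [(b"1 (BODY[] {0}", self.messages[int(args[0])]), b")"]


def demo(dest_dir):
    server = FakeIMAP({1: b"Subject: case A\r\n\r\nx\r\n", 2: b"Subject: case B\r\n\r\ny\r\n"})
    first = backup_folder(server, "Clients/Case A", dest_dir)
    server.messages.clear()  # server-side wipe, as described in the question
    second = backup_folder(server, "Clients/Case A", dest_dir)
    return first, second, len(os.listdir(os.path.join(dest_dir, "Clients_Case_A")))
```

Against a real account, pass a logged-in `imaplib.IMAP4_SSL` connection instead of `FakeIMAP` and call `backup_folder` once per folder on a schedule.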


Sorry I can't help with the forensics bit, but:

This is why I don't recommend web host email to my clients, and I am a web hosting reseller. Even Dreamhost encourage their customers to use GMail rather than regular Dreamhost IMAP/webmail.
posted by circular at 4:14 PM on October 27, 2010


The tech probably went to test your account and set up a new POP3 mailbox profile instead of IMAP, which would have removed all of your inbox messages. Google Mail has the ability to connect to your webhost email provider's email server and pull messages down, which I've been using with my MediaTemple account. It's reliable and it allows me to stockpile my mail without touching my host's storage limits.
posted by tmt at 4:47 PM on October 27, 2010


Response by poster: Luckily I paid for premium backup service... and I guess they are working on it because all the folders are back... but the folders are all empty.

And just to clarify... not only my inbox was nuked... but also three years of meticulously organized client/case folders. Gone *fingersnap* just like that.

This has been a rather terrifying experience... and I appreciate the feedback.

Funny how I just read an article about judges threatening to throw lawyers in jail for contempt in the despoliation of electronic evidence. Looks like I need to figure out some type of backup system.
posted by Mr_Crazyhorse at 5:27 PM on October 27, 2010


Response by poster: Tech support said that the POP3 possibility would have only wiped my inbox, not my subfolders.
posted by Mr_Crazyhorse at 10:39 AM on October 28, 2010

