Who is “Gary Jones”? An investigation into how a hacker may have stolen nude photos for a “revenge porn” site:

Is it really so easy to hack a Gmail account? See for yourself: Go to the Gmail login screen and click on the frequently ignored link underneath the sign-in menu, ‘Can’t access your account?’ Three options appear; choose ‘I forgot my password.’ Type in a Gmail address—any active Gmail address—and if there’s a phone number associated with the account, you’re given three more options, one of which is ‘Get a verification code on my phone.’ You don’t even need to know the phone number. Just hit ‘continue’ and an unrelated six-digit code will appear in a text to the account owner’s phone. Type in that verification code—a number easily obtained by a masquerading e-impostor—and you’re in. The first thing you’re prompted to do is immediately change your password, thereby blocking out the original owner.

In other words, if a hacker knows only your Gmail address and can figure out how to access your phone, he’s already most of the way into your shit.

“‘Gary Jones’ Wants Your Nudes.” — Camille Dodero, The Village Voice

More #longreads from Dodero

The staff of Longreads.
Get the Longreads Weekly Email

Sign up to receive the Top 5 Longreads of the week, delivered every Friday.