This week it turns out that I was due for the latter with LinkedIn. And I am now locked out.
It began on Tuesday afternoon. With a glance at my email inbox I notice two messages from LinkedIn confirming that my password had been changed. That had occurred at 9.26am. It was now 1pm! With thoughts of "I've been hacked" pounding through my skull I quickly reviewed the email links and headers to ensure it was legitimate. It was.
I then dashed across to my LinkedIn app to discover that I was locked out. My password had indeed been changed.
The obvious step was to request a password reset; email received, password changed and a quick review of my account ... all looked fine, no changes. Perhaps this wasn't a hacker, maybe a glitch of some kind. Or perhaps someone gained access through my old work email? No. Would they?
Better be safe than sorry, I deleted my old work email from my authorised address list. It was only there as a means of allowing previous colleagues to discover me through the Outlook add-on. It never occurred to me that someone would use it to acquire access to my account.
Ok. Breathe! Tiny, inconsequential crisis averted I now begin to wonder about who had changed the password. Time for a fishing expedition. I contact LinkedIn Customer Help. And now the real fun begins.
I send a simply worded request asking for info on how my account was accessed and by whom. I partially knew the answer but I just wanted proof. I also informed LinkedIn that I had reset my password to assure them that I was back in control of my account. They responded with a request for screenshots of the emails and their headers.
I understand they must follow the basic procedures to ensure that moron X has his computer turned on, modem plugged in, monitor on, keyboard plugged in etc. but it is always an eye-rolling exercise to bear with. In this case they were checking that it hadn't been a phishing email - it wasn't as I had already verified.
Anyway, I persevere and comply. Screenshots sent. Again I reiterated that I had changed my password, was in control of my account and that I suspected what had happened but just wanted information from them to substantiate my claim.
It was now mid afternoon and I received a final response for the day stating that it had been passed to the 'Trust and Safety Team' for review. It took 24hrs for a response while they 'investigated'. But when they did I was flabbergasted (don't you just love that word?).
Suffice to say, that response was a clear indication that they had not investigated. A quick look at my account would have seen two separate requests for a password reset and two subsequent password changes - one from my previous employer and one from me 4hrs later.
According to LinkedIn it never occurred.
Further this was a stock standard answer for the question of "why did I get a password reset link?", not "why did I get a password change confirmation?".
So, here I was with a service provider that I could no longer trust to adequately investigate a security matter and come up with anything other than a lie. What am I to do.
My retaliation was swift.
The reason I know that it was my former employer is that I had communication from them enquiring why the access they had acquired was now gone. Yup. They admitted what they had done (albeit in order to edit the organisation profile that I had created) and wanted to get access again. Hell no!
By now you may be thinking that this was my own fault. That because I left my my old email address attached to my account that it gave rise to this situation being possible. Yep. I admit it. I failed to see that my former employer would use my old email address to gain access to my account. That is like blaming the rape victim for walking down a dark alley. Yes it was a mistake, but the perpetrator still remains responsible for their actions.
So what do the authorities do after my latest response and a few terse posts on Twitter? They do what any dog does when it is backed into a corner. They bite!
Can you actually believe that they have suspended my account and are now asking me to provide personal identification and a sworn affidavit that I am the owner of my own information to which they have been replying to via the email listed on the account and through Twitter.
Can you actually fucking believe it?
Neither can I.
*facepalm*
