I Challenged Hackers To Investigate Me And What They Found Out Is Chilling

Alan L. Penenberg | PandoDaily | October 26, 2013

It’s my first class of the semester at New York University. I’m discussing the evils of plagiarism and falsifying sources with 11 graduate journalism students when, without warning, my computer freezes. I fruitlessly tap on the keyboard as my laptop takes on a life of its own and reboots. Seconds later the screen flashes a message. To receive the four-digit code I need to unlock it I’ll have to dial a number with a 312 area code. Then my iPhone, set on vibrate and sitting idly on the table, beeps madly.

I’m being hacked — and only have myself to blame.

Two months earlier I challenged Nicholas Percoco, senior vice president of SpiderLabs, the advanced research and ethical hacking team at Trustwave, to perform a personal “pen-test,” industry-speak for “penetration test.” The idea grew out of a cover story I wrote for Forbes some 14 years earlier, when I retained a private detective to investigate me, starting with just my byline. In a week he pulled up an astonishing amount of information, everything from my social security number and mother’s maiden name to long distance phone records, including who I called and for how long, my rent, bank accounts, stock holdings, and utility bills.

The detective, Dan Cohn, owned and operated Docusearch, a website that trafficked in personal information, and at the time, he was charging $35 to dig up someone’s driving record, $45 for his bank account balances, $49 for a social security number, $84 to trace a mobile number, and $209 to compile his stocks, bonds, and securities. The site offered a simple clickable interface and Amazon-like shopping cart. It’s still around today, boasting similar services. “Licensed Investigators for Accurate Results” reads the tag line, calling itself “America’s premier provider of on-line investigative solutions.”