Dead Cincinnati Bell Email Address Leads to Facebook Hacking Attempt


This is not VR/AR related, but it is certainly an important topic that all should be aware of.

Over 15 years ago, I subscribed to a regional internet service provider offered by Cincinnati Bell. I was happy to support a local business, and had nothing but fantastic service during my contract with them.

When I moved to Seattle about two years ago, I cancelled my service with Cincinnati Bell, and I was sad to know that my trusty old email address would be retired. This was an email address that my wife and I used for many things in our life. When we left Cincinnati Bell’s internet service behind, we switched all of our accounts over to new email addresses… or so I thought.

Somehow, I had forgotten to remove the old Cincinnati Bell email address from my Facebook account. The old email address was listed as a secondary, for account recovery purposes. Since it wasn’t my main login email, I completely forgot that the old one was still listed there.

This morning, as I got out of the shower, my phone went off to let me me know that an email had just arrived. This email informed me that someone had requested a password reset for my Facebook account. At first, I saw this as a possible phishing attempt, so I ignored it. Then, a second email arrived indicating that the password had been reset and that an unknown device, in the Cincinnati area, had attempted to login. This sent me on a tizzy to quickly log in and lock down my account.

I was successful at reclaiming my account, and thwart whatever devious plans this person may have had, but this triggered an immediate conversation with my wife to be aware of what had happened.

Who is this person? Did they do this intentionally to hack my account? I wanted answers.

I called Cincinnati Bell Customer Support.

NOT Charlene
NOT Charlene

Charlene answered.

I gave her my full name and explained that my old email address had somehow fallen into the hands of someone who was attempting to hack my Facebook account. She pulled up the account.

‘That email address has been given to someone else.’

‘Wait… You recycle old email addresses?’

‘If it was turned off, and it’s been this long, we reuse old email addresses.’

‘Holy shit.’

We continued the conversation, and I expresses a deep level of concern about their need to reissue an email address that has barely been dead for two years. I always knew that phone numbers were reused, but I never considered email addresses.

‘So what do we do here? This person is either receiving my old emails, or he malicously attempted to hack my account using your service?’ I asked.

She surprised me by placing me on hold and attempted to contact the customer. She was unable to get ahold of them.

She continued, ‘I will attempt to get in contact with this customer and find out what is going on. I will call you back once I understand what is happening.’

What happens to dead email addresses?

If you are like me, you have probably given out your email address enough to guarantee that even if you delete an account, there will be a flow of neverending attempts to contact that email. When you left that service, are you 100% sure that you’ve removed your email address from all of your current social media, billing, and other important accounts?

Go double check right now. All of you.

I will make an update post once I hear back from Charlene at Cincinnati Bell.