5 On Your Side

Knightdale woman's $2,700 web services bill could have been prevented with multi-factor authentication

A Knightdale woman reached out to 5 On Your Side for help after someone hacked her Amazon Web Services account and she was billed more than $2,700.
Posted 2022-01-17T21:48:00+00:00 - Updated 2022-01-20T23:08:23+00:00
Wake woman billed after account was closed
By 
Monica Laliberte
 , WRAL executive producer/5 on Your Side reporter

A Knightdale woman reached out to 5 On Your Side for help after someone hacked her Amazon Web Services account and she was billed more than $2,700.

Sharron Rogers said she used AWS, a popular cloud service provider, on a free trial to send a digital file. She later got an email warning her account may be compromised.

"At first I was like, 'This has to be a scam,'" Rogers said.

She logged into Amazon Web Services, saw nothing unusual, and, since she hadn't used the account in months, she closed it. Then she got the email with a bill for $2,766.

"I was very upset. I kept trying to talk to Amazon. No one would call me. I kept sending email after email," said Rogers.

After multiple messages, an AWS customer service representative told Rogers that to investigate she had to reopen the account and add a valid payment method.

"I didn't want to reopen to it,” she said. “I didn't want to add another payment method, but at the same time I wanted it resolved.”

So, Rogers logged in and found the account was being used all over the world. She says Amazon walked her through complicated, confusing steps to fix the hack.

"I had to go through each region, like Mumbai and all across the world and Singapore, and terminate these EC2 instances,” Rogers said. “I'm not a technical person in that nature. So, I don't know what they were, but it was something. Whatever I was doing, it was supposed to stop the billing.”

But more charges showed up. Rogers' January's estimated bill was $2,000.

She asked the customer service rep if there was a chance she'd be held financially responsible and learned that was a possibility.

5 On Your Side found multiple, similar complaints online.

An AWS spokeswoman told 5 On Your Side, "Even after the account is closed, (it's) still accessible," so users can collect their content. To secure an account, users have to take the steps outlined to Rogers. They're listed on the AWS website.

After 5 On Your Side intervened, Rogers was told her account is now secure.

"I feel like I have a part-time job trying to sort all of these things out," Rogers said.

Her experience is a reminder to always use multi-factor authentication on your accounts. Getting a required code sent to your phone is an added layer of protection.

As for the charges, AWS said they consider each case before deciding to bill and that they "work with each customer individually to find resolution."

More On This

Wake woman billed after account was closed
watch ·

Wake woman billed after account was closed

12/13: US warns hundreds of millions of devices at risk from newly revealed software vulnerability

12/13: US warns hundreds of millions of devices at risk from newly revealed software vulnerability

related

Videos

WRAL Late News
watch ·

WRAL Late News

WRAL WeatherCenter Forecast
watch ·

WRAL WeatherCenter Forecast

State lawmakers debate bills to ban masks, AI-generated pornography
watch ·

State lawmakers debate bills to ban masks, AI-generated pornography

Daytime Pick 3 and Pick 4 Drawing
watch ·

Daytime Pick 3 and Pick 4 Drawing

Biden delivers remarks at the National Peace Officers' Memorial Service
watch ·

Biden delivers remarks at the National Peace Officers' Memorial Service

Credits