My girlfriend's yahoo email account was hacked earlier this month. The password was changed and the 'forgot my password' link wouldn't work. Her eBay account, however, still had the same password. Durring the time when she couldn't enter her email, this person put a GPS system up on eBay and some one 'won' it. The person who won the auction, sent the hacker $1200 some dollars, and of course, did not receive this item.
Now this is the information I have up to tonight. The headers of emails he sent from the hacked account, with ip and time. The account number, routing number, and name and address of the bank the wire transfer was sent to.
I have sent and email to AOL, his service provider assumed from his ip, telling them about this. Is there anything else I should do? Also, her password had letters and numbers, and her security question was a trick question. How did this person gain access to her account? Norton and Ad-Aware have turn up nothing suspicious.
One more question, would I be invading his privacy if I were to post his account and routing number and any other information I find, on here for google and the whole world to see?