By now, you may have heard the story of the identity 'hack' perpetrated against Wired journalist Mat Honan. Using easily obtained data, an anonymous duo bluffed its way into changing his Amazon account, then his Apple iCloud account, then his Google account and ultimately the real target, Twitter. Both Amazon and Apple were docked for how easy it was to modify an account over the phone -- and, in close succession, have both put at least a momentary lockdown on the changes that led to Honan losing much of his digital presence and some irreplaceable photos. His own publication has reportedly confirmed a policy change at Amazon that prevents over-the-phone account changes. Apple hasn't been as direct about what's going on, but Wired believes there's been a 24-hour hold on phone-based Apple ID password resets while the company marshals its resources and decides how much extra strictness is required.
Neither company has said much about the issue. Amazon has been silent, while Apple claims that some of its existing procedures weren't followed properly, regardless of any rules it might need to mend. However the companies address the problem, this is one of those moments where the lesson learned is more important than the outcome. Folks: if your accounts and your personal data matter to you, use truly secure passwords and back up your content. While Honan hints that he may have put at least some of the pieces back together, not everyone gets that second chance.
Filed under: Internet
Amazon, Apple stop taking key account changes over the phone after identity breach originally appeared on Engadget on Tue, 07 Aug 2012 23:40:00 EDT. Please see our terms for use of feeds.
Permalink |
Wired (1), (2) |
Email this |
Comments
The "celebgate" photo leaks might be years old by now, but that isn't stopping the courts from doling out stiff punishment for the account hijacks. A federal judge has sentenced Chris Brannan to 34 months in prison after he pleaded guilty to identit...
Like other migrating beasts, hackers travel huge distances for feeding, breeding, and breaking things every summer -- at Defcon in Las Vegas. The way they move about the city is driven primarily by the availability of free booze at corporate parties...
The public perception of hacking involves a shadowy figure in a hoodie hunched over a laptop, tapping furiously while a waterfall of glowing green text fills the screen. Also they're probably listening to industrial music. First off, that's a ridicul...
Just before Anthony Scaramucci's fifteen minutes -- er, I mean ten days -- of White House fame were up, a man in the UK (who imaginatively calls himself "Email Prankster") had some choice words with him via email. Nothing weird there you think? Excep...
Google is closing a loophole in its Safe Browsing search policy. While it already flags sites that violate its malware, phishing and other policies, bad actors can temporary halt those activities. Then, once the warnings are removed, they resume, and...
Well, this is awkward: Not long after Snapchat was bragging to potential investors about its ephemeral social app garnering some 8 billion daily video views, the company has admitted that it fell prey to a phishing attempt. A post on the company's bl...
For years now, Google's been working hard to make the internet less dangerous. That's why the company has announced a new feature to strengthen its Safe Browsing initiative. The goal with this one, Google says, is to protect users from deceptive embe...
Eric Springer is not happy, mostly because he believes that Amazon let a nefarious type get at his account. In a blog over at Medium, Springer revealed that he was the victim of a "social engineering" hack that exposed his details to an unnamed third...
