Amazon and Apple have taken new steps to tighten security this week after a prominent Wired reporter had his digital life wiped by hackers exploiting lax privacy policies.
"In the space of one hour, my entire digital life was destroyed," Wired reported Mat Honan wrote in a piece Monday. "Getting into Amazon let the hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter," he added.
As of this week, Amazon and Apple users can no longer change vital account information over the phone using easy to obtain information such as billing addresses or partial credit card information.
It all started Friday. The prominent tech writer's accounts were "jacked" that day by hacking group Clan Vv3 and 19-year-old individual hacker Phobia.
In a piece he wrote for Wired, Honan detailed the method by which Phobia and his partner at Clan Vv3 hacked into his Gmail, Apple and Twitter accounts and proceeded to wipe clean all the data from his iPhone, iPad and MacBook.
It all started with Honan's Twitter handle @mat. After agreeing to not press charges, hacker Phobia revealed through Twitter direct messages, AIM and email that the hacking scheme started with his desire to commandeer Honan's simple 3-symbol Twitter handle.
After the decision was made to hack Honan's Twitter, Phobia started with Gmail. He guessed Honan's Gmail prefix (the same as his other email accounts) and then gained access to his Apple ID (@me.com) email by using the same prefix.
Phobia then found Honan's billing address online. Since he needed the last four digits of Honan's credit card information to access the Apple ID, he added a fake credit card via phone to Amazon and then used these digits to gain access.
Once in Honan's Apple account, Phobia claims his partner wiped everything clean - just to make a point, since they were only after his Twitter handle - including one year of pictures of Honan's newborn baby girl.
From there, getting access to Twitter was easy. All this had been done even before Honan realized the extent of the hacking.
And the hackers didn't even have a financial or political motivation for the hack, Honan said.
"The hack was simply a grab for my three-character Twitter handle," Honan said in his Wired piece. "That's all they wanted. They just wanted to take it...It wasn't personal."
"yea i really am a nice guy idk why i do some of the things i do," Phobia told Honan via AIM. "idk my goal is to get it out there to other people so eventually every1 can over come hackers."
Since Apple and Amazon announced their security changes, no further steps have been taken. Although access to most of his data and accounts has been restored - and Honan admits he could have enabled better security settings on his devices - the writer says he knows why the hack was a valuable lesson.
"What happened to me exposes vital security flaws in several customer service systems, most notably Apple's and Amazon's," Honan wrote.
"The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices."
| || |
| To receive FREE breaking news email alerts for Amazon.com Inc. and others in your portfolio|
by RTT Staff Writer
For comments and feedback: firstname.lastname@example.org