Mat Honan’s digital life was destroyed: His Google account, Twitter Account, Apple account, … all were gone. Along with that all of his iDevices were remotely wiped by the hackers.
Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter.
Information that is vital to one company’s security system can be found with some other company.
The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification.
Just put all the pieces together and voila, all is gone in just a matter of minutes:
At 4:52 p.m., a Gmail password recovery e-mail arrived in my .Me mailbox. Two minutes later, another e-mail arrived notifying me that my Google account password had changed.
At 5:02 p.m., they reset my Twitter password. At 5:00 they used iCloud’s “Find My” tool to remotely wipe my iPhone. At 5:01 they remotely wiped my iPad. At 5:05 they remotely wiped my MacBook. Around this same time, they deleted my Google account.
How Apple and Amazon Security Flaws Led to My Epic Hacking →
(via ★)
Leave a comment