New Delhi: Wired reporter Mat Honan's digital identity was hacked into, information deleted and offensive content posted thanks to a security flaw in Apple's password retrieval process.
"In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook," Honan wrote in a post on Wired.com.
Hackers only needed to supply AppleCare representatives with a name, email address, mailing address and the last four digits of a credit card number linked to an AppleID over the phone to get hold of a temporary password.
With that temporary password they were able to gain access to Honan's iCloud account and then they erased his iPhone, iPad and MacBook that also consisted all the photos from the first year-and-a-half of his daughter's life.
Honan's Gmail ID was linked to his Apple @me.com ID and since he didn't have the two-step verification turned on for his Google account, hackers easily reset his Google password. Honan's Twitter ID (as well as his previous employer Gizmodo's) was linked to his Gmail, this led to unauthorised access of both the Twitter accounts.
An important link in the entire chain was Amazon.com. Hackers were able to get access to the last four digits of Honan's credit card number taking advantage of another security flaw in Amazon's process. His email ID was public and a simple web search revealed Honan's mailing address.
Mat Honan is currently trying to restore his digital existence and recover the data. One of the hackers got in touch with Honan and revealed the entire chain of events. Wired reports that Apple and Amazon are currently trying to plug the holes.
The Mat Honan hacking incident highlights the importance of password security in this cloud-connected digital world and also necessitates stronger alternate security measures to protect users' identity and content.
"If you have an AppleID, every time you call Pizza Hut, you’ve giving the 16-year-old on the other end of the line all he needs to take over your entire digital life," Honan said in his post.
Comments
0 comment