Apple Granted Hacker Access To A Reporter’s iCloud Account

Well, this is truly shocking. On Friday, Mat Honan, a writer for Wired, had his iCloud account hacked. This resulted in a number of emails and social networking accounts of his also being hacked.

Once Honan was re-granted access to his iCloud account, he was able to trace back the hacker’s steps through password reset emails. Keep reading on below for Honan’s story and the damage that was achieved:

At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere.
…
The backup email address on my Gmail account is that same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.

At 5:00 PM, they remote wiped my iPhone
At 5:01 PM, they remote wiped my iPad
At 5:05, they remote wiped my MacBook Air.

A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well.

At first, Honan was dazed with how the hacker may have gained access to his iCloud account. Later on though, Apple and the hacker confirmed Apple support provided the password after being persuaded Honan was on the phone.

It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions.

After reading what happened to Honan, it makes me realize Apple’s security isn’t as tight as it should be. What are your thoughts on what happened to Honan?

[via Forbes]