Apple Support Gives Hacker Access to Blogger's iCloud

[Galdorf]

Apple Support Gives Hacker Access to Blogger's iCloud

Wow now this is scarey that something like this could happen my guess is this guy got fired and im glad i don't have any apple stuff this could happen too.
So much for Cloud security lol if they just give passwords away to hackers lol.

[anonymous Mac Tech]

Quote:

Originally Posted by Galdorf

Apple Support Gives Hacker Access to Blogger's iCloud

Wow now this is scarey that something like this could happen my guess is this guy got fired and im glad i don't have any apple stuff this could happen too.
So much for Cloud security lol if they just give passwords away to hackers lol.

This essentially could happen (and probably has happened) to anybody with any big companies tech support. But this time it happened to a tech blogger and it happens to be with Apple, so now its news?

Most tech companies have authentication questions and just by digging through someones trash, you can gain access to a billing statement that got tossed that could give you an account number, which is enough to get your email password reset with Comcast as well as throw the whole security question setup out of the window. To reset your Apple ID online, you have to choose no less than three security questions and provide answers for each. I'm not sure what the process is when resetting your Apple ID over the phone or what could override the security questions and answers. What I'm finding most of the time since the integration from Mobile Me to icloud is still an ongoing process, most folks haven't even done the security Q&A setup yet.

Quote:

Mr. Honan said that he had confirmed with both the hacker and Apple that it wasn't password related. The hacker simply phoned Apple support, convinced the tech support worker that he was Honan and had them reset the password.

Confirmed with the hacker?

Quote:

At 5:05pm, his MacBook Air was wiped clean.

From Apple about erasing a Macs functionality;

Quote:

Erase a Mac: Enter a passcode that you’ll need to use to unlock the device if you find it (to prevent anyone but yourself from using the computer if found), and then follow the onscreen instructions.

The hacker must've gotten his passcode reset from Apple support also? Not likely...The only way I know of to reset a passcode on iOS device for that matter is to have physical access to the device. For a Mac running OSX, I assume they mean the admin password. This also can only be reset locally. So I'm not seeing how this is possible without having access to way more than an icloud account. Unless he sent himself an email the hacker found that has his admin passwords recorded? That in itself is about the dumbest thing you can do.

Quote:

To all asking exactly what info let hackers access my account, I want to give Apple a chance to respond first. Should be an easy fix

I'd say this too if I wasn't 100% sure I wasn't going to come out looking like a moron after all is said and done.

[anonymous Mac Tech]

Here is the full story. Just as I thought. The hacker gained a piece of info through a gaping security hole through Amazon, which in turn happened to be just the piece of info (besides billing address) that would override the security Q&A with Apple. Moreover, the reason why the hacker called to reset the password as opposed to doing it online.

These online security Q&A get forgotten all the time. Therefor, there must be some manual override beyond these questions. Just like I mentioned with Comcast, an account number and billing address (along with the telephone number on the account) is all that is needed to override the security Q&A. These are standard procedures used to override security Q&A used by just about any company.

I'm not saying, Apple is void of all blame, but lets give credit where credit is due to all parties involved. Amazon really got the ball rolling by disclosing the last four numbers of the credit card without any kind of effort. Then this guy is crying about losing all of his "priceless" photos, but hasn't done a backup in at least a year? Yeah, I'm going to recommend folks to read this guys tech blogs...

I'd still like to know how the remote wipe of the Macbook Air happened without any further authentication? Supposedly during the setup assistant, you can set up a code besides the admin password. He states it asked for the code which he apparently never set up. Although I haven't played with remote wipe it must allow you to skip setting up the code with setup assistant (which is reasonable if you never plan to connect your Mac to icloud). So I suppose between not setting up the security code, not backing up, and using the same credit card number for just about everything, this guy is a big part of the destruction of his digital universe.

I just love how this forum members seem to avoid there were many factors at work to compromise his information (a perfect storm between Amazon, Apple, Gmail, and most of all how he left himself vulnerable in so many ways) but the only one that really stands out is Apple.

[TimM]

The numbskull who writes Apple's Windows software must've been on support duties that day.

[Big Jim]

It seems ridiculously easy to gain access to someone elses amazon account though.