Member Blog Post
Apple account hack raises concern about cloud storage
By Heather Kelly, CNN
updated 5:29 AM EDT, Tue August 7, 2012
On Friday night, Wired technology journalist Mat Honan was brutally hacked. In a chain of events that Honan would unravel in the following days, hackers took advantage of security holes at Amazon and Apple to gain access to his iCloud account. They then took over his Gmail account, remotely wiped all data from his MacBook Air, iPhone and iPad, and took over his Twitter account as well as the Twitter account of his former employer, Gizmodo.
The incident might seem small on its surface -- just one person's information, not a huge data breach of credit card numbers. But this one very public incident, thoroughly documented by Honan in a Wired article, could be a wake-up call to many who store their information with cloud-based services, including Amazon, Apple and Google.
"My experience leads me to believe that cloud-based systems need fundamentally different security measures," said Honan. "Password-based security mechanisms — which can be cracked, reset and socially engineered — no longer suffice in the era of cloud computing."
The hackers used fairly basic techniques to accomplish the hack. They found Honan's home address and e-mail address online, and after some back and forth with Amazon tech support, used them to get the last four digits of Honan's credit card number. They called Apple customer support pretending to be Honan and used those four digits along with the same billing address to verify his identity, gaining access to Honan's iCloud account and the associated .Me account. The .Me account was Honan's backup e-mail for his Gmail account. Once they were in his Gmail, the hackers could reset passwords for all the key accounts that used Gmail, including Twitter accounts.
Once in, the hacker spammed Honan's Twitter followers and deleted all the data from his various devices. The remote wipe option is a security service offered by Apple as part of its Find My Mac/iPhone/iPad feature. If devices associated with the Apple ID are stolen, the owner can execute a remote wipe to prevent their data from falling into the wrong hands.
The motivation for the crime seems to be rather banal. In conversations with Honan, one of the hackers responsible revealed he just wanted Honan's three-letter Twitter handle, @mat. "I honestly didn't have any heat towards you before this. i just liked your username like I said before," he wrote Honan. Remotely wiping Honan's computers and mobile devices, permanently erasing data including a year-and-a-half of photos of his young daughter, was also done without any real reason. "yea i really am a nice guy idk why i do some of the things i do," the hacker wrote.
Apple responded with an official statement on Monday night, saying, "Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password. In this particular case, the customer's data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers' data is protected."
In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.
In many ways, this was all his fault. His accounts were daisy-chained together. Getting into Amazon let hackers get into his Apple ID account, which helped them get into Gmail, which gave them access to Twitter.
So all FEARnet peeps beware, take care.
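The daisy chain described above can be audited as a graph of your own accounts. The following is an added example, not part of the original article or post: the account names and edges are a constructed model of the chain the article reports, and the function names are hypothetical. It lists everything that falls once one account is taken over and finds the single recovery link whose removal protects the most accounts.

```python
from collections import deque

# Constructed model of the chain in the article: an edge A -> B means
# "control of A is enough to reset or take over B".
RECOVERY_EDGES = {
    "amazon": ["apple_id"],                  # last four card digits accepted by support
    "apple_id": ["me_mail", "device_wipe"],  # .Me mail and Find My remote wipe
    "me_mail": ["gmail"],                    # .Me was the Gmail backup address
    "gmail": ["twitter"],                    # password-reset mail lands in Gmail
}

def blast_radius(edges, start):
    """Return {account: path from start} for every account reachable from start."""
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in paths:  # first visit is the shortest chain
                paths[nxt] = paths[node] + [nxt]
                queue.append(nxt)
    return paths

def best_link_to_cut(edges, start):
    """Return ((src, dst), accounts_saved) for the most valuable link to remove."""
    baseline = len(blast_radius(edges, start))
    best = None
    for src, dsts in edges.items():
        for dst in dsts:
            # Rebuild the graph without this one recovery link.
            pruned = {k: [d for d in v if (k, d) != (src, dst)]
                      for k, v in edges.items()}
            saved = baseline - len(blast_radius(pruned, start))
            if best is None or saved > best[1]:
                best = ((src, dst), saved)
    return best

if __name__ == "__main__":
    for account, path in blast_radius(RECOVERY_EDGES, "amazon").items():
        print(f"{account:12} <- {' -> '.join(path)}")
    print("cut first:", best_link_to_cut(RECOVERY_EDGES, "amazon"))
```

Replace the edge table with your own accounts and their recovery addresses, phone numbers and support-desk verification data to see where your chain is longest.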