Former Gizmodo writer Mat Honan had a bad weekend, as a hacker gained access to his iCloud account, wiping his Mac, iPhone and iPad. This was all “allowed” by Apple’s support team.
According to Honan:
At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere. When I set it up, years and years ago, that seemed pretty secure at the time. But it’s not. Especially given that I’ve been using it for, well, years and years.
The backup email address on my Gmail account is the same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.
At 5:00 PM, they remote wiped my iPhone. At 5:01 PM, they remote wiped my iPad. At 5:04, they remote wiped my MacBook Air.
A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well.
To make things even worse, Honan didn’t have any backups of his “more than a year’s worth of photos, emails, and documents.” Apple has also stated that none of this data is recoverable without serious forensic help.
As it turns out, the hacker was able to call Apple support and convince the support team that he was the user (Honan).
I know how it was done now. Confirmed with both the hacker Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions.
Apple definitely needs to step up their security, as this is unacceptable! With that being said, there’s no reason to get worried about your account getting hacked unless you are a public figure and your email address is open to the public.