How Apple and Amazon Security Flaws Led To Mat Honan's Identity Theft
An anonymous reader writes "The story behind the hacking of Mat Honan's multiple accounts has been revealed and points to massive failures in how Amazon and Apple handle password recovery. Accounts for both sites can be easily accessed with simple-to-find, publicly available information. If you ask me, both companies should be liable for violating privacy laws."
If your device is lost or stolen.
Not backing up data, able to get Amazon account data with 2 phone calls, able to get an Apple/Google/whatever password reset with just a little bit of work. They could have also stolen his CC statement from his mailbox, as well as a utility bill, and got part of the way to getting a new credit PIN or driver's license and, after a bit of time, a new passport. This sort of hacking is not new, just different. Once the security questions used to be the standard 3: your mum's maiden name, your city of birth, and your first pet/car/whatever; now the answers are often online or traceable via Facebook. The blame should be shared amongst everyone, including the person who did the hacking. Excuse me, I have to back up my computers.
He says, when talking about the hackers, that "...their ultimate goal was always to take over [his] Twitter account". Why, then, did they delete his Google Account, and then remotely erase his iPhone, iPad, and MacBook? I might get that they want to erase evidence that could be used to track them down, and to that extent, wiping the Google account, which they had apparently gotten access to, makes a modicum of sense. But unless they were using his iPhone, iPad, and MacBook as well, I'm not sure how erasing all of them was in any way helpful to them in any regard whatsoever. No... the bastards that did this to him definitely had some malicious intent involved.
I'm not saying that he wasn't hacked... nor am I saying that he wasn't hacked in this way; I'm suggesting that the allegation that the hackers were only after his Twitter account seems extremely dubious... at least to me.
File under 'M' for 'Manic ranting'