Skip to main content

Apple freezes over-the-phone password resets in response to Honan hack

posted onAugust 8, 2012
by l33tdawg

An anonymous Apple employee confirmed to Wired tonight that the company is putting a 24-hour freeze on over-the-phone password verification—a step in Apple ID security that cost Wired reporter Mat Honan an iPhone, iPad, MacBook, several e-mail accounts, and two Twitter accounts worth of information over the weekend.

The hacker was able to take control of Honan's three Apple devices after accessing Honan's iCloud and .Me account through a password change made by Apple tech support, after the hacker gave the rep Honan's e-mail address, the last four digits of a credit card number, and the associated billing address, which the hacker gleaned from Amazon tech support. Earlier today, Amazon said it would no longer allow customers to call and change account and e-mail settings.

Yesterday, Apple publicly maintained that nothing was wrong with its security policies. "In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer," Apple said in a statement. "In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected."

Source

Tags

Apple Security Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Simplenews subscription

Stay informed - subscribe to our newsletter.
The subscriber's email address.
Keeping Knowledge Free for Over a Decade

Copyright © 2018 Hack In The Box. All rights reserved.

36th Floor, Menara Maxis, Kuala Lumpur City Centre 50088 Kuala Lumpur Malaysia
Tel: +603-2615-7299 Fax: +603-2615-0088