Switch to Desktop Site
 
 

As hacking victim's story spreads, Apple and Amazon tighten security

(Read article summary)
Image

Shannon Stapleton/Reuters/File

(Read caption) Amazon tightened its security policies this week after hackers exploited its customer service department to erase a tech journalist's online footprint. Here, Amazon CEO Jeff Bezos speaks at the launch of the Kindle Fire tablet in September 2011.

About these ads

By now you might be familiar with the saga of Mat Honan, the Wired reporter whose entire digital life was destroyed by hackers over the weekend. And you might be in the process of checking the security of your own online stuff. If you're an Amazon customer, at least, you can breathe (slightly) easier: Amazon quietly changed its customer privacy policies this week, presumably making it harder for other hackers to carry out similar attacks.

To recap: The hackers didn't use any sophisticated algorithms or brute-force attacks to gain access to Honan's online information. They just called Apple, pretending to be Mr. Honan and claiming to have lost access to the associated Apple e-mail account.

The hackers supplied two pieces of easily-discoverable information – a billing address and the last four digits of a credit card (which they were able to obtain by exploiting an Amazon loophole) – and were able to reset Honan's e-mail account. From there, they took Honan's Twitter account, and wiped his iPhone, iPad, and Macbook. Then they erased his Google account, along with tons of personal photos and documents.

Now, at least, both companies have battened down the security hatches a little bit. At the time Honan was hacked, someone could call in to change the e-mail address or credit card associated with an Amazon account by supplying a name, e-mail address, and mailing address. Shortly after Honan's story was widely publicized, though, Amazon changed its policy so that these pieces of information can no longer be changed by phone.

Next

Page:   1   |   2

Share