|August 7, 2012
On Friday night, Wired technology journalist Mat Honan was brutally hacked. In a chain of events that Honan would unravel in the following days, hackers took advantage of security holes at Amazon and Apple to gain access to his iCloud account. They then took over his Gmail account, remotely wiped all data from his MacBook Air, iPhone and iPad, and took over his Twitter account as well as the Twitter account of his former employer, Gizmodo.
The incident might seem small on its surface -- just one person's information, not a huge data breach of credit card numbers. But this one very public incident, thoroughly documented by Honan in a Wired article, could be a wake-up call to many who store their information with cloud-based services, including Amazon, Apple and Google.
"My experience leads me to believe that cloud-based systems need fundamentally different security measures," said Honan. "Password-based security mechanisms — which can be cracked, reset and socially engineered — no longer suffice in the era of cloud computing."
The hackers used fairly basic techniques to accomplish the hack. They found Honan's home address and e-mail address online, and after some back and forth with Amazon tech support, used it to get the last four digits of Honan's credit card number. They called Apple customer support pretending to be Honan and used those four numbers along with same billing address to verify his identity, gaining access to Honan's iCloud account and the associated .Me account. The .Me account was Honan's backup e-mail for his Gmail account. Once they were in his Gmail, the hackers could reset passwords for all the key accounts that used Gmail, including Twitter accounts.