Over the weekend, the iCloud account of Wired’s Mat Honan was hacked. If you think having an iCloud account hacked isn’t a big deal, you’re completely wrong. This was a catastrophic nightmare…
The hacked account eventually led the culprits to reset the Twitter passwords on two different accounts connected to his iCloud email address. Using Find My iPhone through the iCloud website, the hackers were also able to wipe the data from his iPhone, iPad, and Mac.
Unfortunately, everything was lost on his computer, iOS devices, and accounts, but he is currently working to get the data restored.
The worst part about this devastating situation is that Apple basically let the hackers into his iCloud account. There were no brute-force password attacks; the hackers didn’t even do any actual hacking. They called AppleCare and had his iCloud password reset.
According to Honan:
I know how it was done now. Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my MacBook and is trying to recover the data. I’m back in all my accounts that I know I was locked out of. Still trying to figure out where else they were.
This is obviously a flaw that should never have come to fruition. Having your digital life wiped clean because of some idiots having fun is something no one should have to experience. Apparently 12-character passwords with a capital letter and a number aren’t enough to secure your account.
Let’s hope nothing like this happens again. I also hope AppleCare gets its act together and keeps a better lock on iCloud accounts. Rest assured, Apple now knows about this security breach and definitely intends to put an end to this.