Apple comments on Gizmodo/Wired writer’s account hacking, here’s how it went down…

We reported over the weekend on the hacking of the digital life of Wired’s Mat Honan.

Mat Honan wrote up his whole story over at Wired. The scariest part is that Wired was able to reproduce the hack using two pieces of publicly available information and a phone call.

We talked to Apple directly about its security policy, and company spokesperson Natalie Kerris told Wired, “Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password. In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected.”

On Monday, Wired tried to verify the hackers’ access technique by performing it on a different account. We were successful. This means, ultimately, all you need in addition to someone’s email address are those two easily acquired pieces of information: a billing address and the last four digits of a credit card on file. Here’s the story of how the hackers got them.

Scary. Scary. Scary.

“You honestly can get into any email associated with Apple,” Phobia claimed in an email. And while it’s work, that seems to be largely true.
