It was 5 p.m. when Mat Honan, journalist for wired, knew that he was being hacked. Later that night he discovered that a hacker called Phobia had hacked his email, Twitter, Amazon, iCloud account, and wiped his iPhone and MacBook’s hard drive. After Honan set up a new Twitter account and tweeted about the hack Phobia messaged him and told Honan how he was about to hack into all his accounts and why he did it.
Phobia’s reason for hacking Honan was because he wanted his Twitter handle @mat. The first thing that Phobia did was figure out that Honan had a Gmail account. From Google’s account recovery page Phobia was able to find a partial of another email that Honan had which happened to be his Apple @me e-mail. In order for Phobia to gain access to Honan’s Apple account all Phobia needed was a billing address, the last four digits of Honan’s credit card, and a simple phone call to Apple’s tech support. The way the Phobia got the billing address was a simple search on the internet. For getting the last four digits of Honan’s credit card number Phobia had a partner that did this part. His partner first called Amazon and said that he wanted to add a credit card number to the account. To do this all Amazon requires is the billing address and the email address that goes with the account. Then Phobia’s partner call again and said that he could not access the account and by giving them the billing address, Honan’s name, and the credit card number that Phobia’s partner had just attached to the account, Amazon let him add a new email account and sent him a temporary password to regain access to the account. With access to the Amazon account Phobia was able to see the last four digits of all the credit cards on Honan’s account. Now that Phobia had the last four digits of Honan’s credit card, his name, and his address, Phobia called AppleCare and was able to gain access to Honan’s Apple email and also his Gmail account.
In his article about the hacking Honan talks about some of the measures he could have taken to prevent this from happening. The major one that he did not due was use Google’s two-factor authentication. Two of the other things he mentions where that he should have been backing up his MacBook regularly, which would have meant that Honan would have not lost all the pictures of his 1 year old daughter and many work related files, and not using the same email for all of his accounts. But this still poses the question that if a 19 year old kid and his friend can get into a person’s accounts, with little to no training and actual hacking, and wipe a person’s MacBook and iPhone what will happen when Windows 8 comes out which supports cloud? Could we see more of these incidents and could we even see it on a larger scale if better security measures are not implemented?