Gizmodo employee's iCloud account hacked with some serious damage done

ugahairydawgs · Aug 4, 2012

Let this be a warning to all. Find My Device is great, but there are definitely some potential drawbacks.

Exhibit A

calderone · Aug 4, 2012

The problem seems to be with Apple support being susceptible to social engineering.

Let's hope they start training staff properly.

Orange Furball · Aug 4, 2012

Holy crap. Glad I don't use icloud!

D.C.M. · Aug 4, 2012

"Update Three:
I know how it was done now. Confirmed with both the hacker and Apple. It wasnt password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my Macbook and is trying to recover the data. Im back in all my accounts that I know I was locked out of. Still trying to figure out where else they were."

ixodes · Aug 5, 2012

Apple Allowed Hackers Into iCloud Account

"Apple Allowed Hackers Access To User's iCloud Account"

http://www.forbes.com/sites/adriank...lowed-hackers-access-to-users-icloud-account/

noteple · Aug 5, 2012

Another teaser headline.
I agree it would be interesting to get all the facts.
Somebody really had it out for that guy.

ixodes · Aug 5, 2012

noteple said:
Another teaser headline.
I agree it would be interesting to get all the facts.
Somebody really had it out for that guy.

You're right. Apple craves headlines

miles01110 · Aug 5, 2012

Another teaser headline.

Terrible headline.

calderone said:
The problem seems to be with Apple support being susceptible to social engineering.

Let's hope they start training staff properly.

If the hacker did their homework, anyone would have thought the attacker was the victim. That's what social engineering attacks do. Without the facts it's impossible to place blame, but Apple probably just did what anyone else would have done in the same situation.

hafr · Aug 5, 2012

miles01110 said:
If the hacker did their homework, anyone would have thought the attacker was the victim. That's what social engineering attacks do. Without the facts it's impossible to place blame, but Apple probably just did what anyone else would have done in the same situation.

I've got an account at a stock trading site which only sends out new passwords if you call them and answer a series of answers, and the password will only be sent to either the address you had registered with them or your official address, should you for instance have moved.

Considering the potential enormous damage someone can do with someone's iCloud account, I would like to see that they had a somewhat similar security.

MacDawg · Aug 5, 2012

Let's all join the news thread and keep everything in one place
Thanks

Search

Search

Gizmodo employee's iCloud account hacked with some serious damage done

ugahairydawgs

macrumors 68030

calderone

Cancelled

Orange Furball

macrumors 65816

D.C.M.

macrumors newbie

ixodes

macrumors 601

noteple

macrumors 68000

ixodes

macrumors 601

miles01110

macrumors Core

hafr

macrumors 68030

MacDawg

Moderator emeritus

Our Staff