Gizmodo employee's iCloud account hacked with some serious damage done

Discussion in 'Apple Music, Apple Pay, iCloud, Apple Services' started by ugahairydawgs, Aug 4, 2012.

Thread Status:
Not open for further replies.
  1. ugahairydawgs macrumors 68020

    ugahairydawgs

    Joined:
    Jun 10, 2010
    #1
    Let this be a warning to all. Find My Device is great, but there are definitely some potential drawbacks.

    Exhibit A
     
  2. calderone macrumors 68040

    calderone

    Joined:
    Aug 28, 2009
    Location:
    Seattle
    #2
    The problem seems to be with Apple support being susceptible to social engineering.

    Let's hope they start training staff properly.
     
  3. Orange Furball macrumors 65816

    Orange Furball

    Joined:
    May 18, 2012
    Location:
    Scranton, PA, USA
  4. D.C.M. macrumors newbie

    Joined:
    Aug 4, 2012
    #4
    "Update Three:
    I know how it was done now. Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my Macbook and is trying to recover the data. I’m back in all my accounts that I know I was locked out of. Still trying to figure out where else they were."
     
  5. ixodes macrumors 601

    ixodes

    Joined:
    Jan 11, 2012
    Location:
    Pacific Coast, USA
  6. noteple macrumors 65816

    Joined:
    Aug 30, 2011
    #6
    Another teaser headline.
    I agree it would be interesting to get all the facts.
    Somebody really had it out for that guy.
     
  7. ixodes macrumors 601

    ixodes

    Joined:
    Jan 11, 2012
    Location:
    Pacific Coast, USA
    #7
    You're right. Apple craves headlines :)
     
  8. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #8
    Terrible headline.

    If the hacker did their homework, anyone would have thought the attacker was the victim. That's what social engineering attacks do. Without the facts it's impossible to place blame, but Apple probably just did what anyone else would have done in the same situation.
     
  9. hafr macrumors 68030

    Joined:
    Sep 21, 2011
    #9
    I've got an account at a stock trading site which only sends out new passwords if you call them and answer a series of answers, and the password will only be sent to either the address you had registered with them or your official address, should you for instance have moved.

    Considering the potential enormous damage someone can do with someone's iCloud account, I would like to see that they had a somewhat similar security.
     
  10. MacDawg macrumors P6

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #10
    Let's all join the news thread and keep everything in one place
    Thanks :)
     
Thread Status:
Not open for further replies.

Share This Page