Recent exploits show that Cloud services can easily be attacked and often lead to crippling secondary attacks as well.
Here’s how to protect yourself.
Malicious hacking can happen to almost anyone
A few weeks ago, Mat Honan, a San Francisco–based journalist who writes for various tech publications, found himself locked out of his Mac, his iPhone, and even his Gmail account. As detailed in an NPR story, Honan alleges that someone used his name and his physical-world address in a call to Apple technical support to change his password-reset e-mail address. From there, the criminal was able to wreak havoc on Mat Honan’s online existence.
The criminal hacker didn’t know Honan’s Apple secret identification questions. Instead, he provided Apple with the last four digits of Honan’s credit card that Apple had on file. It was, by the way, the same credit card Honan routinely used at Amazon — which displays the last four digits of the user’s credit card on the checkout page.
Apple has since discontinued the practice (more info) of over-the-phone password resets, according to a Wired story.
We all have multiple accounts, and it’s human nature to use some of our credentials more than once. Fortunately, this cautionary tale provides some easy lessons that might prevent this catastrophe from happening to you.
Honan placed his home address on his personal website — not a very secure thing to do. Second, in a Wired story, he admitted using the same password for more than one account — again, not a good security practice. Last, the overused password was a weak one.