Apple Support Allowed Hacker Access to Reporter's iCloud Account
On Friday, Wired writer Mat Honan recounted the tale of how his iCloud account was hacked which resulted in his iPhone, iPad and MacBook Air getting remote wiped.
The point of entry appeared to be his iCloud account which was then used to gain access to Gmail and then his and former-employer Gizmodo's Twitter accounts.
At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere.
...
The backup email address on my Gmail account is that same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.
At 5:00 PM, they remote wiped my iPhone
At 5:01 PM, they remote wiped my iPad
At 5:05, they remote wiped my MacBook Air.
A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well.
Honan wasn't entirely sure how the hackers had gotten access to his iCloud account. His guess was that they had somehow brute-force guessed the password, while others speculated his password had been keylogged or used in another insecure service.
As it turns out, the hacker was able to call Apple support and convince them they were the user. From an update to the original blog post:
I know how it was done now. Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions.
After convincing Apple support that they were Mat Honan, the hacker had Apple Support change Honan's iCloud password which gave them full access. From there, they were able to perform the remote wipes on Honan's devices using Apple's Find My iPhone service which offers remote wipe as a security feature for lost devices.
As a somewhat public figure, Honan may have been an easier target than the average iCloud user, but many users may also have personal information publicly available on online services such as Facebook that could be used in a similar fashion. Forbes' Adrian Kingsley-Hughes suggests that Apple "needs to tighten up security and come clean about what went wrong here."
Popular Stories
Apple made a major slip Wednesday when it accidentally included hardware identifiers in software code linking to numerous unannounced products.
The leaked information provided MacRumors with concrete evidence of Apple's hardware development across multiple product categories. Here's everything that was confirmed through the code discoveries:
New HomePod mini with updated chip – New...
Apple's upcoming iPhone 17 Pro will have a starting price that is $50 more than the iPhone 16 Pro but it will come with a minimum 256GB of storage, doubling the base capacity compared to last year's model. The information comes from Chinese leaker Instant Digital, posting on Weibo. The account, which has 1.5 million followers, has now made the claim three separate times in recent weeks....
Apple is continuing to tweak the way that the Liquid Glass design looks ahead of the iOS 26 launch, and the latest beta makes a change to the Lock Screen.
The Lock Screen clock has been updated with additional transparency, allowing more of the background to peek through.
Beta 6 on left, beta 5 on right
The clock also has more of a 3D, floating look, which is in line with the rest of the ...
It is now mid-August, meaning that Apple's annual iPhone event is just around the corner.
This year, Apple is expected to unveil the iPhone 17, the all-new iPhone 17 Air, the iPhone 17 Pro, and the iPhone 17 Pro Max.
Here are some of the key rumors for those devices:iPhone 17: Same design as iPhone 16, but with an A19 chip, a larger 6.3-inch display, an upgraded 24-megapixel front camera, ...
We're just about a month away from Apple's annual September event, and we're going to get a new version of the Apple Watch Ultra for the first time since 2023. There are some useful new features rumored for the Apple Watch Ultra 3, which we've summarized below.
Subscribe to the MacRumors YouTube channel for more videos.
Satellite Connectivity - The Apple Watch Ultra 3 will be the first...
An alleged iPhone 17 Pro production leak may provide a first look at the device's milled all-aluminum chassis, which this year includes the camera bump – in contrast to last year's iPhone 16 Pro model that features a glass camera module attached to an all-glass back panel.
Originally shared by leaker Majin Bu, the image below could be of a moulding, but it still lines up with rumors that...
Rumors suggest that Apple is working on an updated version of the Apple TV that's slated for launch later this year. Information about the upcoming device that was found in Apple code indicates that it will be equipped with the A17 Pro chip.
There have been multiple rumors about a new Apple TV coming in 2025 with a new A-series processor, but it hasn't been clear which chip Apple would use...
In case you missed it — this is the post for people who mainly only read headlines — Apple has announced that it will be releasing iOS 18.6.1 and watchOS 11.6.1 later today. Apple shared this information in a press release on its Newsroom website.
The software updates will re-enable the Blood Oxygen feature on Apple Watch Series 9, Series 10, and Ultra 2 models sold in the United States....
While the summer months are often relatively quiet for Apple, the company still has many new products coming later this year.
Below, we have outlined at least 10 new Apple products that are expected to launch later this year, along with key rumored features for each.
This article was originally published last month, and it has been updated with the latest rumors.
iPhone 17 Series
iPhon...
