Apple Support Allowed Hacker Access to Reporter's iCloud Account
On Friday, Wired writer Mat Honan recounted the tale of how his iCloud account was hacked which resulted in his iPhone, iPad and MacBook Air getting remote wiped.
The point of entry appeared to be his iCloud account which was then used to gain access to Gmail and then his and former-employer Gizmodo's Twitter accounts.
At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere.
...
The backup email address on my Gmail account is that same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.
At 5:00 PM, they remote wiped my iPhone
At 5:01 PM, they remote wiped my iPad
At 5:05, they remote wiped my MacBook Air.
A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well.
Honan wasn't entirely sure how the hackers had gotten access to his iCloud account. His guess was that they had somehow brute-force guessed the password, while others speculated his password had been keylogged or used in another insecure service.
As it turns out, the hacker was able to call Apple support and convince them they were the user. From an update to the original blog post:
I know how it was done now. Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions.
After convincing Apple support that they were Mat Honan, the hacker had Apple Support change Honan's iCloud password which gave them full access. From there, they were able to perform the remote wipes on Honan's devices using Apple's Find My iPhone service which offers remote wipe as a security feature for lost devices.
As a somewhat public figure, Honan may have been an easier target than the average iCloud user, but many users may also have personal information publicly available on online services such as Facebook that could be used in a similar fashion. Forbes' Adrian Kingsley-Hughes suggests that Apple "needs to tighten up security and come clean about what went wrong here."
Popular Stories
Apple will finally deliver the Apple Watch Ultra 3 sometime this year, according to analyst Jeff Pu of GF Securities Hong Kong (via @jukanlosreve).
The analyst expects both the Apple Watch Series 11 and Apple Watch Ultra 3 to arrive this year (likely alongside the new iPhone 17 lineup, if previous launches are anything to go by), according to his latest product roadmap shared with...
The iPhone 17 Pro and iPhone 17 Pro Max are three months away, and there are plenty of rumors about the devices.
Below, we recap key changes rumored for the iPhone 17 Pro models as of June 2025:Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X through iPhone 14 Pro have a...
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps.
Unfortunately, this feature continues to roll out very slowly since it was announced in 2021, with only nine U.S. states and Puerto...
Apple is hiding a new ringtone within iOS 26.
The new ringtone is an alternative version of the existing Reflection ringtone, which has been the default ringtone since the iPhone X was released in 2017. It was discovered within the code for the first developer beta of iOS 26, but it remains hidden, so you will not find it in the list of ringtones available in the Settings app for now.
It...
Apple today seeded the first betas of upcoming iOS 18.6 and iPadOS 18.6 updates to public beta testers, with the betas coming just a few days after Apple provided the betas to developers.
Testers who have signed up for beta updates through Apple's beta site can download iOS 18.6 and iPadOS 18.6 from the Settings app on a compatible device by going to General > Software Update.
When the...
Apple this week revealed that iOS 26 is compatible with the iPhone 11 series and newer.
That means that iOS 18 is the end of the road for the iPhone XS, iPhone XS Max, and iPhone XR, which were all released in 2018. However, those devices will continue to receive security updates for at least a few more years.
iOS 26 is compatible with the following iPhone models:
iPhone 16e
iPhone...
With iOS 26, Apple has made some additions to the iPhone Lock Screen that aim to make it more customizable than ever.
Of course, things can always change before the software makes its way to the general iPhone-owning public, but here are five new things iOS 26 can do on the Lock Screen as of the current developer beta.
Widgets Top or Bottom
In iOS 18, the row of widgets on your Lock...
The Apple Watch Ultra 3 is expected to launch later this year, arriving two years after the previous model with a series of improvements.
While no noticeable design changes are expected for the third generation since the company tends to stick with the same Apple Watch design through three generations before changing it, there are a series of internal upgrades on the way.
By the time the ...
Spotify appears to be gearing up to launch its long-awaited lossless music tier.
Chris Messina (via TechCrunch) and Spicetify (via The Verge) spotted new lossless references within the code for Spotify's desktop app and web player.
With assistance from Aaron Perris, MacRumors has confirmed that the latest beta of the Spotify app for the iPhone also contains new lossless-related code....