How a Hacker Gained Access to a Reporter's iCloud Account

matHonan v4editWired reporter Mat Honan details the exact process by which hackers had gained control of his iCloud account. The hijacked iCloud account resulted in a remote-wipe of his iPhone, iPad and MacBook Air, as well as further intrusions into his Gmail and Twitter accounts.

As previously reported, the hackers were able to convince Apple Support to provide them with a temporary password to access Honan's account. Honan details exactly how this was performed.

Apparently, Apple Support only requires an iCloud user's billing address and last-four digits of the credit card on file in order to issue a temporary password. That temporary password grants full access to the user's iCloud account. Apple spokesperson Natalie Kerris issued this statement which claims that internal policies were not followed completely in Honan's case, but failed to specify exactly how:

“Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password. In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected.”

Wired was able to confirm the reported policy themselves by successfully gaining access to another account using only those two pieces of information: a billing address and last-four digits of the credit card number.

As noted by Honan, a target's billing address is generally easy to determine by looking up a domain registration or by public white pages databases. As for discovering the last-four digits of Honan's credit card, Honan's hacker used a loophole in Amazon's security systems which don't protect the last-four digits of their user's credit card information. The hack requires a two-step phone call to Amazon. In the first call, Amazon allows you to add a second credit card to the account by simply offering the account's billing address, name and email address. Then, a second call allows you to add a second email address by verifying the previously added credit card. This second email address then has access to the account information including the last four digits of the original credit card.

Honan's intrusion seemed to be a result of a targeted effort to infiltrate his Twitter account, and a number of items had to line up just right for the hackers to gain access. The situation does reveal that the differing security processes between different providers could open up unwanted opportunities. It also seems to show that at present, a specific user's iCloud account access can be gained with those two pieces of only semi-private information.

Honan's full story about the sequence of events is an interesting read.

Top Rated Comments

faroZ06 Avatar
117 months ago
Who cares.. Is it a 'rumor' that someone's iCloud account got hacked or is it a fact? It's a FACT. This site is for RUMORS.

You must be constantly angered by MacRumors then.
Score: 35 Votes (Like | Disagree)
brentsg Avatar
117 months ago
This happens with a ton of Xbox Live accounts too. Microsoft doesn't seem to care. Also, since it's Microsoft and not Apple, the media doesn't care either.
Score: 15 Votes (Like | Disagree)
nagromme Avatar
117 months ago
Big, scary, simple failures here on the parts of Apple (using the credit card number as ID), Amazon (giving out that number!) and Google (giving out your alternate email address to strangers).

If I had to name 3 companies (that I actually use) which I trust the most to keep things secure, it would have been those 3... before today! (I know Google tracks me, but I’m surprised at this kind of lapse.)

I’m sure I’m not alone today in turning off Find My iPhone/iPad/Mac for the time being. And it’s probably smart to use different credit cards with different services, even if it means more bills to manage monthly. I do already use different (and hard to guess) passwords, and I back up in multiple ways including locally. Very important.

Something NEW is needed to make security usable AND effective for all of us, and incident this shines a light on the problems. What’s scary is, I doubt we'll see the changes (across MANY more companies than these 3) happening fast enough.

P.S. I hope the hackers spend some serious jail time after wiping out the guy’s family photos :mad:
Score: 12 Votes (Like | Disagree)
heov Avatar
117 months ago
Solution: apple needs better security. more than last 4 digits of CC and billing address should be required.
Score: 10 Votes (Like | Disagree)
Repo Avatar
117 months ago
Who cares.. Is it a 'rumor' that someone's iCloud account got hacked or is it a fact? It's a FACT. This site is for RUMORS.

Really?
Score: 9 Votes (Like | Disagree)
Mengele Avatar
117 months ago
A blogger is not a reporter!
Score: 8 Votes (Like | Disagree)

Top Stories

iPhone 13 Always On Feature

iPhone 13 to Bring Over a Major Feature From the Apple Watch

Wednesday July 28, 2021 2:21 am PDT by
Apple's upcoming iPhone 13 lineup will feature an always-on display akin to the Apple Watch Series 5 and Series 6, according to recent reports. In his weekly Power On newsletter, Bloomberg journalist Mark Gurman, who often reveals accurate insights into Apple's plans, said that the iPhone 13 may feature an Apple Watch-inspired always-on mode. The Apple Watch Series 5 and Apple Watch...
REC ASA CODE2016 20160601 205816 2745

Elon Musk Reportedly Demanded to Become Apple CEO as Part of Potential Tesla Acquisition [Update: Musk Denies]

Friday July 30, 2021 9:04 am PDT by
Tesla CEO Elon Musk reportedly once demanded that he be made Apple CEO in a brief discussion of a potential acquisition with Apple's current CEO, Tim Cook. The claim comes in a new book titled "Power Play: Tesla, Elon Musk and the Bet of the Century," as reviewed by The Los Angeles Times. According to the book, during a 2016 phone call between Musk and Cook that touched on the possibility of ...
duracell battery bitter coating

Apple Says Don't Buy AirTag Replacement Batteries With Bitter Coating

Wednesday July 28, 2021 11:08 am PDT by
Since AirTags were just released earlier this year and are expected to have a year-long battery life, it may be some time yet before AirTag users need a replacement battery, but when the time comes for a refresh, Apple is warning customers not to buy batteries with a bitter coating. AirTags use coin-shaped CR2032 batteries, which happen to be a size that's easy to swallow. Some battery...
nothing ear 1 buds 1

Nothing 'Ear (1)' True Wireless Earbuds Launch to Take on AirPods Pro With ANC and Unusual Design for $99

Tuesday July 27, 2021 7:57 am PDT by
Nothing, a new brand from OnePlus founder Carl Pei, has today officially launched the "Ear (1)" true wireless earbuds after months of anticipation around the company's AirPods Pro rival. The Ear (1) features an in-ear design, Active Noise Cancelation, Bluetooth 5.2, IPX4 water resistance, and a charging case with Qi-compatible wireless charging and a USB-C port. Fast pairing is supported on...
General Apps Messages

Android iMessage Competitor Puts Pressure on Apple

Friday July 30, 2021 3:15 am PDT by
Google and the three major U.S. carriers, including Verizon, AT&T, and T-Mobile, will all support a new communications protocol on Android smartphones starting in 2022, a move that puts pressure on Apple to adopt a new cross-platform messaging standard and may present a challenge to iMessage. Verizon recently announced that it is planning to adopt Messages by Google as its default messaging...
Apple Leak Feature

Apple Demands Leaker Reveals Sources Under Threat of Being Reported to Police

Wednesday July 28, 2021 6:53 am PDT by
Apple has sent a cease and desist letter to a leaker based in China as part of its continuing attempts to curtail leaks of unreleased products, according to Vice. A Chinese citizen who shared images of stolen Apple prototypes on social media was sent a warning letter from Fangda Partners, Apple's law firm in China, on June 18, 2021. An extract from the letter read:You have disclosed without ...
apple rtp land

Apple Preparing to Occupy 200,000 Square Feet of Temporary Space Ahead of New $1 Billion North Carolina Campus

Thursday July 29, 2021 9:14 am PDT by
Back in April, Apple announced a $430 billion investment over the next five years to create more than 20,000 new jobs as the company continues to expand. One significant piece of that plan is a new engineering and research center in North Carolina where Apple will be investing over $1 billion and hiring at least 3,000 employees. Assemblage of seven properties in Research Triangle Park owned by ...
iOS 15 General Feature Purple

Everything New in iOS 15 Beta 4: Safari Tweaks, MagSafe Battery Pack Support, Notification Updates and More

Tuesday July 27, 2021 11:47 am PDT by
Apple today released the fourth betas of iOS 15 and iPadOS 15, introducing additional refinements to the new features that are coming in the software updates. In these betas, Apple has introduced changes for Safari, Notifications, Focus mode, and more. Safari Updates Apple is continuing to refine the design of Safari on the iPhone, and in iOS 15, there are tweaks to improve usability. ...
new m1 chip

Tim Cook on Apple Deciding to Manufacture Components: 'We Ask Ourselves If We Can Do Something Better'

Tuesday July 27, 2021 3:04 pm PDT by
During today's earnings call for the third fiscal quarter of 2021 (second calendar quarter), Apple CEO Tim Cook was asked how Apple decides what components to purchase and what components to develop, and Cook said that Apple asks if it can be done better. We ask ourselves if we can do something better. If we can deliver a better product. If we can buy something in the market and it's great...
a15 chip

iPhone 13 and Redesigned MacBook Pro Chip Production Hit With Gas Contamination

Friday July 30, 2021 5:44 am PDT by
The most important TSMC factory that manufactures Apple's chips destined for next-generation iPhone and Mac models has been hit by a gas contamination, according to Nikkei Asia. The factory, known as "Fab 18," is TSMC's most advanced chipmaking facility. TSMC is Apple's sole chip supplier, making all of the processors used in every Apple device with a custom silicon chip. Industry...