Hacker Forced Online Giants to Change Security PolicyAdded: Monday, August 13th, 2012
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
Apple and Amazon will no longer tell anyone the customers’ credit card details over the phone. The matter is that a hacker nicknamed Phobia has forced both Apple and Amazon to change their security policies by breaking into to a tech journalist’s account.
The hack in question involved looking up Matt Honan’s Twitter and guessing his Gmail account. That’s how the hacker was able to view his backup email address, which also served as his AppleID.
However, the hacker also needed the last 4 digits of the victim’s credit card. This one was got through Amazon by calling the company’s support line and adding a fake credit card account. After this Phobia called Amazon again and claimed to have lost the account password. The hacker used the fake credit card number and added a new email account which allowed him to see the last 4 digits of the victim’s credit card number.
Finally, the hacker called AppleID and used the credit card details alongside with Honan’s birth date in a bid to get a temporary password.
As you can see, it turned out to be very easy, but has caused many problems for both Amazon and Apple, which have been advertising their cloud systems as secure. The online retailer has come up with the best policy, which has stopped allowing people to change their account settings over the phone.
As for Apple, the company is currently freezing all AppleID password requests placed over the phone and is considering a new security policy. However, the question remains what makes anyone to believe that using the last 4 digits of a credit card to verify the user’s identity for such powerful services on linked devices passes for security.
The hacker made a statement, saying that he wanted “to publicize security exploits and allow the companies to fix them”.
August 13th,2012Posted by:
Monday, August 13th, 2012
|Should at the very least have had securecode for online transactions to verify ID on credit card,smacked wrists all round.|
|Actually the security is pretty good; the major weakness were the customer service people. All of the breaches I have cleaned up always resulted from a moronic user that didn't use plain common sense..|
|I have to agree with menahunie,most breaches are caused by simple human stupidity...|
|posted by (2012-08-14 02:49:06)|
|LoL "Apple and Amazon will no longer tell anyone the customers’ credit card details over the phone" there not sopota be doing this in the 1st place LoL. if any thing both corporations should be sued for this. stupid is as stupid does.|
|posted by (2012-08-15 03:04:49)|
|the problem is: customers want this low security crap cause they are lazy. so amazon & apple were only doing what their customers asked them to do.||
Most Popular Stories