I have talked to numerous people that believe Apple and their products are very secure, I have listed a security breach into Apple’s Apple ID that might make you think twice about that. It is also a read into cloud security and some things that you should not do.
Mat Honan’s Compromise Mat Honan is a writer for Wired Magazine and in early August had nearly his whole digital life wiped off the map. This article on Wired is a interesting read into how he was compromised and some thoughts on how to avoid what happened to him.
A quick summary is he had some of his important website accounts linked together. This account linking allowed hackers to obtain access to his ICloud account taking advantage of lax security related to Apple’s password reset.
The hacker really just wanted to take Matt’s Twitter account. They realized who he was and that he had other accounts linked to Twitter and that lead them to the Apple account. To gain access to the Apple account, they had apple issue a temporay password. This required the billing address and also the last 4 digits of a credit card registered to the Apple account. They called Amazon and obtained the last 4 digits of his credit card with social engineering.
From there ,it was easy to gain access to the other accounts. I have listed some steps below to avoid this type of compromise.
- Unlink all essential accounts from one another.
- Set up an email account that’s only used for other account resets.
- Regularly back up all your devices onto a secure hard disk.
- Change your password regularly and use two-factor authentication if available.
- Don’t have the same username or password for all accounts.
- If the information isn’t necessary for your account don’t provide it.
- Delete and never store any credit card numbers in online accounts
If you have any questions or concerns about the security of your accounts or systems, please don’t hesitate to call us.