Apple tightens ID policy after hack

By Juha Saarinen on Aug 9, 2012 7:50 AM
Filed under Security

Mitigates social engineering hacks.

Apple has temporarily suspended users' ability to reset their Apple ID passwords over the phone in the wake of a devastating hack on a journalist.

Wired reporter Mat Honan lost control of several online accounts and had his iPhone, iPad and Macbook erased after a hacker used social engineering techniques to get access to his Amazon and Apple accounts.

The attacker had obtained the last four digits of Honan's credit card number by accessing the reporter's Amazon account, and used those to convince Apple personnel that he was Honan.

He subsequently gained control of the reporter's iCloud account that stored backups and data.

According to Wired reports, an Apple spokeswoman confirmed that the company had suspended password resets over the phone to prevent a reoccurence of the attack.

"We're asking customers who need to reset their password to continue to user our online iForgot system," the spokeswoman said.

"This system can reset a password in one of two ways — either have a password reset sent to an alternate email address already on record or challenge the customer to answer security questions they had previously set up. When we resume over-the-phone password resets, customers will be required to provide even stronger identify verification to reset their password."

It is not known if Apple has implemented the password reset suspension worldwide. Apple Ausyralia has been contacted for comment.

Amazon removed the ability to change email addresses and credit card details for its customers over the phone earlier this week.

 
Follow us on Facebook and Twitter
 

Copyright © iTnews.com.au . All rights reserved.

Apple tightens ID policy after hack
 
 
 
 
 
Top Stories
Cloud office vendor taps Ingram for Aussie assault
Intermedia 'gets serious' in Australia, hires first local employee.
 
Sydney firm achieves first in SAP-owned marketplace
UltraServe the only cloud platform provider on Hybris Extend.
 
Avnet holds onto x86 in post-IBM era
Lenovo authorises distie globally.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Is Microsoft right to limit the reseller channel for Surface?

Latest Comments
CRN Magazine

Issue: 331 | September 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.