One of the biggest stories in the tech world this weekend was Wired reporter Mat Honan getting “hacked, hard” in his own words. It’s a pretty terrifying tale if you have anything of personal significance on your computer.Here’s what happened:
At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere. When I set it up, years and years ago, that seemed pretty secure at the time. But it’s not. Especially given that I’ve been using it for, well, years and years. My guess is they used brute force to get the password (see update) and then reset it to do the damage to my devices.
The backup email address on my Gmail account is that same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.
At 5:00 PM, they remote wiped my iPhone
At 5:01 PM, they remote wiped my iPad
At 5:05, they remote wiped my MacBook Air.
A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well.
As you can see, he initially thought the hacker guessed his password. Well, it turns out that wasn’t the case.
Instead, the hacker called up Apple support and convinced it that he was Mat Honan. Because Honen is a public figure, the hacker was able to skip over some of the security questions and take over his account.
This is absolutely chilling. Apple screwed up big time, and it should explain to Honan (if it hasn’t already) how this could have happen.