Security Experts:

Apple's Support Department Blamed for Journalist's Hacking

Apple’s tech support department is taking some heat after their actions led to a journalist losing control of all of the data associated with his iCloud account, which in turn led to the compromise of Gizmodo’s Twitter account over the weekend.

On Friday, Gizmodo’s Twitter feed was hijacked by a group calling themselves Clan VV3. Who they are, or what they represent isn’t clear. However, in addition to Gizmodo, they have been linked to more than a dozen incidents on Twitter. What is known though, is how they were able to access Gizmodo’s feed, through an ex-employee’s account.

The ex-employee is Mat Honan, and his experience has been well documented on his personal blog. Over the weekend, during a series of updates on the situation, he posted this:

“I know how it was done now. Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my Macbook and is trying to recover the data. I’m back in all my accounts that I know I was locked out of. Still trying to figure out where else they were.”  

The attackers social engineered their way past Apple’s identity confirmation systems, and in addition to hijacking Gizmodo’s Twitter, they remotely wiped everything connected to his iCloud account – including his iPhone, iPad, and MacBook Air.

“Because I’m a jerk who doesn’t back up data, I’ve lost at more than a year’s worth of photos, emails, documents, and more. And, really, who knows what else,” Honan lamented, outlining the full scope of what was lost.

Honan said that Apple Care told him that all access to his account was restricted internally, as now only one person has the ability to change it. He has also reached out (as a reporter) to Apple CEO Tim Cook and the PR team. Neither Cook, nor Apple’s PR team have offered comments.

The incident sparked a debate on whether or not it is wise to store all of one’s eggs in a single basket by trusting cloud-based storage implicitly. It also served as a reminder that backups key to surviving a disaster such as this intact. More so though, it proves that humans are – and always will be – the weakest link in the security chain.

Aside from the backups, Honan did all the right things. Despite this, he still became a victim, which proves that the security of our service providers has a lot of growing to do.

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.