How Amazon and Apple security flaws allowed a digital life to be destroyed

Mat Honan was hacked over the weekend, his Apple ID/iTunes, Gmail, Amazon, and Twitter accounts all compromised, and his digital life laid ruin. Had his attackers been out for more than just "the lulz", they could have also done incredible harm to his financial life as well.

[What] happened to me exposes vital security flaws in several customer service systems, most notably Apple and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

It's a chilling tale, and it should embarrass and infuriate Apple and Amazon into implementing proper, modern security policies immediately if not sooner. It should also serve as a giant neon light, flashing, for everyone on the importance of good security and backup.

Go read it, then spend a few minutes wondering if you should take an axe to the network, Battlestar Galactica style. Because what happened to Mat Honan was just one very public example of the exploits and inattentiveness faced by all of us, every day.

Here's how to set up two-factor account verification for Google.

Source: Wired