Weak Amazon Security Ruins Man's Digital Life

Dennis Faas's picture

Imagine waking up one day and finding that the digital contents of your smartphone, laptop, and tablet computer have all been wiped out by hackers.

This nightmare recently became reality for Wired.com writer Mat Honan, who later discovered that major holes in Apple and Amazon security had allowed the hack to occur.

The hackers did a lot of damage. Not only did they wipe the contents of Honan's iPad, MacBook, and iPhone, but they infiltrated his Gmail account (and deleted it) and his Twitter account, where they posted a number of unseemly comments. (Source: venturebeat.com)

Amazon's Swiss Cheese Security Easily Bypassed by Hackers

Here's how this hack happened:

First, the hackers got hold of three easy-to-acquire pieces of information: Honan's email address, his name, and his billing address. Then, pretending to be Honan, they called Amazon to request access to the Wired writer's account.

Because Amazon requires just these three, simple bits of information -- billing address, name, and email -- the hackers were able to gain full access to Honan's Amazon account.

Once logged into Honan's Amazon account, the hackers acquired the last four digits of his credit card number. They then called Apple and used this additional piece of information to gain access to Honan's iCloud account.

Now they were positioned to make Honan's day very, very miserable.

Understandably, when Honan found out about all this he was livid. He took to the web to express his outrage that both Amazon and Apple security could be so easy to bypass.

Writer's Digital Life "Destroyed" in an Hour

"Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter," Honan wrote. "In the space of one hour, my entire digital life was destroyed." (Source: wired.com)

Amazon has since revealed it will no longer pass along security data when people call with those three, easy-to-find pieces of personal information. However, the company has not yet commented on Honan's specific situation. (Source: wired.com)

In the meantime, security experts are insisting that companies like Amazon and Apple devise consistent and more robust security policies that won't be so easily exploited by crafty hackers. (Source: venturebeat.com)

Rate this article: 
No votes yet