Mat Honan has a chilling write-up over at WIRED about how his life was basically ruined because a hacker hacked his personal accounts with the help of Amazon and Apple. Because Mat’s accounts were linked together, the hacker was able to get the last 4 digits of his credit card (something that’s pretty easy to come by anyway) and use it to log in to Mat’s iCloud account and then effectively erase and change all account settings. From there, the hacker was able to basically change Mat’s email, Twitter, and Facebook account passwords because all his email reset reminders were being sent to one account.
It’s a serious story that should alarm all of us who regularly use these popular internet services.
The thing to learn from this entire reading is that Mat’s accounts weren’t hacked because of a poor password or brute force attack. His accounts were hacked using readily available information about himself.
So what are some ways you can prepare yourself from this sort of social hacking? Well, for one, go and activate 2-step verification process now in Google and also enable 2-step verification in Facebook. Yes, it’s an extra step, but one that you’ll only need if you log in from an unknown computer. A small sacrifice for a huge misstep if you don’t.
And as always, back up your data locally — not to the cloud.