View RSS Feed

IMC News

Amazon Repairs Security Flaw

Rate this Entry
A flaw in the security system at Amazon was discovered when a reporter's account was hacked over the weekend. Amazon reacted quickly to fix the flaw and changed their policy. Amazon no longer allows account changes to be made over the phone. Evidently a phone call was all that a hacker needed along with the user's email and a few bits of information that were easily found on the internet, in order to change the password for Wired.com reporter Mat Honan's account. The Amazon access led the hacker to his connected Apple and iCloud account, Gmail and then Twitter, which were all used against the reporter. In addition, he lost years of data and family photos when the hacker deleted his accounts. The lesson, Honan says is to not link your accounts and [URL="http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/"]wrote[/URL], "Had I used two-factor authentication for my Google account, itís possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc." [URL="http://www.wired.com/gadgetlab/2012/08/amazon-changes-policy-wont-add-new-credit-cards-to-accounts-over-the-phone/"]Wired.com[/URL] says "We discovered Amazonís policy change on Tuesday after we failed to replicate the exploits used on Honan this weekend. Amazon declined comment on the security hole on Monday, and has since failed to return repeated phone calls from Wired about the vulnerability."

Submit "Amazon Repairs Security Flaw" to Digg Submit "Amazon Repairs Security Flaw" to del.icio.us Submit "Amazon Repairs Security Flaw" to StumbleUpon Submit "Amazon Repairs Security Flaw" to Google

Comments