|AOL.com Mail Search|
Updated. Former Gizmodo writer & current Wired Gadget Lab staffer Mat Honan is having a pretty bad day. As you can read on his Tumblr post (not to mention elsewhere), hackers compromised his iCloud account. They used that access to reset his iCloud password, reset his Gmail password, gain control of his Twitter account (which in turn gave them access to Gizmodo's Twitter feed and 400K followers) and generally wreak mayhem.
Unfortunately, Honan's iCloud account was tied to his iPhone and iPad, which both had Find my iPhone/iPad turned on. In the attackers' hands, the FMI utility was turned against Honan and both devices were remotely wiped. It got worse: his MacBook Air had Find My Mac enabled, which meant the hackers could erase his SSD... and they did.
Honan's iCloud password was unique to that service, but it was also only seven characters long and hadn't been changed in years. [This turns out not to be a key to the puzzle, see update #2 below.] Given the many points of exposure when iCloud accounts are compromised -- and the potential risk of serious consequences if remote wipe utilities like Find My Mac are controlled by malicious actors -- we recommend using a memorable but strong password for iCloud. (Strong and unique passwords are a good idea in general, but while Google's accounts have options for two-factor authentication with SMS or the Google Authenticator app, iCloud doesn't.)
[Honan was targeted by a hacker group that had previously gone after high-profile Twitter users, which is an unlikely scenario for most of us. However, the risks of an unintended or malicious data wipe if you lose control of your iCloud password are real whether you're an Internet
|Apple TV||Mac 101|