Amazon quietly closes security hole after journalist’s devastating hack

“Amazon changed its customer privacy policies on Monday, closing security gaps that were exploited in the identity hacking of Wired reporter Mat Honan on Friday,” Nathan Olivarez-Giles reports for Wired.

“Previously, Amazon allowed people to call in and change the email address associated with an Amazon account or add a credit card number to an Amazon account as long as the caller could identify him or herself by name, email address and mailing address — three bits of personal information that are easily found online,” Olivarez-Giles reports. “On Tuesday, Amazon handed down to its customer service department a policy change that no longer allows people to call in and change account settings, such as credit cards or email addresses associated with its user accounts.”

Olivarez-Giles reports, “Amazon officials weren’t available for comment on the security changes, but during phone calls to Amazon customer service on Tuesday, representatives told us that the changes were sent out this morning and put in place for ‘your security.'”

Read more in the full article here.

Related articles:
How to configure Google’s two-step authentication – August 7, 2012
Apple responds to iCloud hack: Our internal policies were not followed completely – August 7, 2012

13 Comments

  1. So a journalist loses his entire data on iCloud due to improper security at Apple and Amazon and the first post of it on MDN is to say Amazon fixed their end of the leak?

    This is pure fanboy BS MDN. Shameful.

    1. Actually there have been two articles on MDN today prior to this one concerning the security breach. Is it too much to believe that this article happened to be newsworthy, and not an underhanded attempt to blame Amazon?

    2. Why? It’s mainly due to flaws in GMail and Amazon that the hackers got info allowing them access to his Apple ID, largely due to his having three email accounts that all used his first name.
      Sure there are steps Apple should take, but, as you don’t appear to have read anything about this attack, you aren’t aware of the fact that part of the issue with Apple was their miss-hearing his name and working from incorrect info for ninety minutes.
      Lessons need to be learned all round, and the fact this guy hadn’t backed his Mac up to a HDD, instead putting everything into the Cloud, which has been compromised by the hackers.
      Who were after his Twitter name, because they liked it.

      1. I think twilightmoon’s point is demonstrated best by the response from you and Dabriase. While you are both correct mostly, non fanboys would simply see that both Apple and Amazon screwed up badly and leave it at that. You both seem to have a need to make excuses for Apple as though Apple is your best friend. Listen, Apple is just a company. They don’t know you,Darbriase,Twilightmoon or me. And they don’t plan on having cocktails with us either. Defend real people in life. Make excuses for them. Feel real bad when they screw up and it’s blatantly obvious. Buy them flowers. Apple will get by just fine.

  2. I think there is room for more ads on this page. Holy crap! How about some MacDailyNews with your ads? I can’t believe all of the ads that have dramatically overtaken this website over the years – wow!

  3. I think there is room for more ads on this page. Holy crap! How about some MacDailyNews with your ads? I can’t believe all of the ads that have dramatically overtaken this website over the years – wow!

  4. Adblock works.

    How can anyone but a total cretin pretend to comment on tech issues and yet not have a backup of his “life”. I call bullshit on the whole thing.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.