Mat Honan’s Epic Hacking and the Importance of Two-Factor Authentication

by Jack Newton

Last week news broke of the epic hacking of Gizmodo’s Mat Honan. By exploiting security flaws in both Amazon’s and Apple’s account verification and reset procedures, a hacker was able to obtain access to a wide variety of Honan’s accounts, including his iCloud account. Once they’d gained control of Honan’s iCloud account, the hackers were able to remotely wipe his iPhone, iPad, and his Macbook, destroying his personal data, including irreplaceable pictures of his one-year-old daughter:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

There are many lessons to be learned from Honan’s hacking, but the most important is the sanctity of your e-mail inbox. If a hacker is able to obtain control of your inbox, all is lost: virtually every account linked to your digital identity – from Twitter to Amazon to LinkedIn to iCloud – can be wrested from your control if you lost control of your inbox.

So what is the solution? If you’re making use of Google’s e-mail services, as many of us are, you should immediately activate two-factor authentication. Instead of simply needing a password to log in to your Google inbox (whether provided via Gmail or Google Apps), you enter both your password as well as code that Google sends to you via your mobile phone. A hacker would need both your password as well as your phone to gain access to your account.

Jeff Atwood has a great overview of how you can enable two-factor authentication on your Google Account. I’ve been using two-factor authentication on my Google accounts for the past several months, and it’s an easy way to vastly increase the security of your inbox. If you have doubts as to whether it’s worth the marginal amount of effort to enable and use two-factor authentication, read Mat Honan’s story; when you’re done, go here.

Comments

Verna Milner

August 13th, 2012 at 1:04 pm

Out of curiosity has anyone using a Blackberry device experienced this sort of extensive hacking?

Most Recent Comments

Kerri Salata on Time for an NDA Redesign: Airbus’s Approach to Startup Partnerships:

Great comments, Verna! I agree that if we all took a little time to think about simplifying and continuously improving… more »
Verna Milner on Time for an NDA Redesign: Airbus’s Approach to Startup Partnerships:

"How can we simplify, clarify, and improve?" Should be the motto for the entire justice system. Addressing this question might… more »
Patricia Hughes on The Evasive Passive: The Message From the Law Society of Ontario’s Treasurer:

Of course, you're right, John!! (Aaagh!) Having said that, the "evasion", through failure to name an agent, is the important… more »
John G on The Evasive Passive: The Message From the Law Society of Ontario’s Treasurer:

There is no question that rules that existed and should have been followed were not. It is also clear that… more »

+ -

Canadian Lawyers and Generative AI: Some Suggested Starting Points for the Overwhelmed

Dead Acts and Fat Cats – ‘The Persistent Decline of Social Welfare Law’

Unsubscribe Requirement Hits Hudson’s Bay Company

Are We There Yet? Navigating the Blurred Lines Between ADR and ODR

By 2035 Society Will Abandon Walking: Encouraging Multi-Modal Legal Research

Time for an NDA Redesign: Airbus’s Approach to Startup Partnerships

Mat Honan’s Epic Hacking and the Importance of Two-Factor Authentication

Comments